Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-3705

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-19 Jul, 2006 | 10:00
Updated At-07 Aug, 2024 | 18:39
Rejected At-
Credits

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:19 Jul, 2006 | 10:00
Updated At:07 Aug, 2024 | 18:39
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://securitytracker.com/id?1016529
vdb-entry
x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
vdb-entry
x_refsource_XF
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
x_refsource_MISC
http://www.securityfocus.com/bid/19054
vdb-entry
x_refsource_BID
http://securityreason.com/securityalert/1251
third-party-advisory
x_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
vdb-entry
x_refsource_XF
http://secunia.com/advisories/21165
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/440758/100/100/threaded
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2006/2947
vdb-entry
x_refsource_VUPEN
http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
x_refsource_MISC
http://www.securityfocus.com/archive/1/440758/100/100/threaded
vendor-advisory
x_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA06-200A.html
third-party-advisory
x_refsource_CERT
http://secunia.com/advisories/21111
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/440453/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
vdb-entry
x_refsource_XF
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
mailing-list
x_refsource_FULLDISC
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
x_refsource_MISC
http://www.securityfocus.com/archive/1/440447/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2006/2863
vdb-entry
x_refsource_VUPEN
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
mailing-list
x_refsource_FULLDISC
Hyperlink: http://securitytracker.com/id?1016529
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/bid/19054
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://securityreason.com/securityalert/1251
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/21165
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2006/2947
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-200A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://secunia.com/advisories/21111
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/440453/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/440447/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2006/2863
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
Resource:
mailing-list
x_refsource_FULLDISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://securitytracker.com/id?1016529
vdb-entry
x_refsource_SECTRACK
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
vdb-entry
x_refsource_XF
x_transferred
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
x_refsource_MISC
x_transferred
http://www.securityfocus.com/bid/19054
vdb-entry
x_refsource_BID
x_transferred
http://securityreason.com/securityalert/1251
third-party-advisory
x_refsource_SREASON
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/21165
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/440758/100/100/threaded
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2006/2947
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/440758/100/100/threaded
vendor-advisory
x_refsource_HP
x_transferred
http://www.us-cert.gov/cas/techalerts/TA06-200A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://secunia.com/advisories/21111
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/440453/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
vdb-entry
x_refsource_XF
x_transferred
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/440447/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2006/2863
vdb-entry
x_refsource_VUPEN
x_transferred
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://securitytracker.com/id?1016529
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19054
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://securityreason.com/securityalert/1251
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/21165
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/2947
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-200A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://secunia.com/advisories/21111
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/440453/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/440447/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/2863
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:21 Jul, 2006 | 14:03
Updated At:03 Apr, 2025 | 01:03

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Oracle Corporation
oracle
>>database_server>>10.1.0.5
cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.htmlcve@mitre.org
N/A
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.htmlcve@mitre.org
N/A
http://secunia.com/advisories/21111cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/21165cve@mitre.org
Vendor Advisory
http://securityreason.com/securityalert/1251cve@mitre.org
N/A
http://securitytracker.com/id?1016529cve@mitre.org
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.htmlcve@mitre.org
N/A
http://www.red-database-security.com/advisory/oracle_cpu_july_2006.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.htmlcve@mitre.org
N/A
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/440447/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/440453/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/440758/100/100/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/440758/100/100/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/19054cve@mitre.org
Patch
http://www.us-cert.gov/cas/techalerts/TA06-200A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2006/2863cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2006/2947cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27886cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27887cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27897cve@mitre.org
N/A
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21111af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21165af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securityreason.com/securityalert/1251af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016529af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.red-database-security.com/advisory/oracle_cpu_july_2006.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/440447/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/440453/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/440758/100/100/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/440758/100/100/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19054af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.us-cert.gov/cas/techalerts/TA06-200A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2006/2863af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2006/2947af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27886af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27887af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27897af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21111
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21165
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/1251
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016529
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440447/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440453/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19054
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-200A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/2863
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/2947
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047992.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047993.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21111
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21165
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/1251
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016529
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_stats.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440447/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440453/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/440758/100/100/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19054
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-200A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/2863
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/2947
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27886
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27887
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27897
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

409Records found
CVE-2008-4006
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.33% / 84.19%
||
7 Day CHG~0.00%
Published-14 Jan, 2009 | 01:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_backupn/a
CVE-2016-6662
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-89.17% / 99.51%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Action-Not Available
Vendor-perconan/aMariaDB FoundationRed Hat, Inc.Debian GNU/LinuxOracle Corporation
Product-enterprise_linuxenterprise_linux_serverenterprise_linux_server_ausmariadbmysqlenterprise_linux_desktoppercona_serverenterprise_linux_server_eusenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxopenstackn/a
CVE-2013-2383
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.36% / 91.33%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2008-3257
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-78.22% / 98.98%
||
7 Day CHG~0.00%
Published-22 Jul, 2008 | 16:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.

Action-Not Available
Vendor-n/aOracle CorporationBEA Systems, Inc.
Product-apache_connector_in_weblogic_serverweblogic_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2590
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-76.85% / 98.91%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.SUSEOracle CorporationopenSUSE
Product-enterprise_linux_serverenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_eusenterprise_linux_for_power_big_endian_eusenterprise_linux_for_power_little_endianjdklinux_enterprise_desktopdebian_linuxenterprise_linux_for_power_big_endianenterprise_linux_server_ausenterprise_linux_for_ibm_z_systemsopensuseenterprise_linux_desktopubuntu_linuxsatelliteenterprise_linux_server_tusenterprise_linux_workstationjrelinux_enterprise_serverlinux_enterprise_debuginfon/aJava SE
CVE-2005-3446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.05% / 83.13%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_serverdatabase_servern/a
CVE-2013-0422
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.68% / 99.84%
||
7 Day CHG~0.00%
Published-10 Jan, 2013 | 21:23
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-15||Apply updates per vendor instructions.

Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle CorporationopenSUSE
Product-jdkopensusejreubuntu_linuxn/aJava Runtime Environment (JRE)
CWE ID-CWE-284
Improper Access Control
CVE-2015-6013
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-19.92% / 95.25%
||
7 Day CHG~0.00%
Published-22 Jan, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted WK4 file.

Action-Not Available
Vendor-n/aOracle Corporation
Product-outside_in_technologyn/a
CVE-2012-1723
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-94.08% / 99.89%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Action-Not Available
Vendor-n/aOracle CorporationRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_eusenterprise_linux_workstationicedtea6jdkjreenterprise_linux_servern/aJava SE
CWE ID-CWE-284
Improper Access Control
CVE-2017-5638
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.27% / 99.93%
||
7 Day CHG~0.00%
Published-11 Mar, 2017 | 02:11
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Action-Not Available
Vendor-NetApp, Inc.HP Inc.Lenovo Group LimitedAruba NetworksIBM CorporationThe Apache Software FoundationOracle Corporation
Product-strutsstorwize_v7000storage_v5030weblogic_serverstorwize_v3500_firmwareclearpass_policy_manageroncommand_balancestorage_v5030_firmwarestorwize_v7000_firmwarestorwize_v5000storwize_v3500storwize_v5000_firmwareserver_automationApache StrutsStruts
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2005-3437
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.21% / 86.52%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PL/SQL component in Oracle Database Server 9i up to 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# DB01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CVE-2016-5118
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-35.42% / 96.92%
||
7 Day CHG~0.00%
Published-10 Jun, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

Action-Not Available
Vendor-n/aOracle CorporationImageMagick Studio LLCCanonical Ltd.Debian GNU/LinuxGraphicsMagickSUSEopenSUSE
Product-solarisstudio_onsiteleapopensuseubuntu_linuximagemagickgraphicsmagicklinux_enterprise_desktoplinux_enterprise_debuginfolinux_enterprise_workstation_extensiondebian_linuxlinuxlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2015-4844
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-16.77% / 94.68%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2016-3607
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-4.55% / 88.76%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.

Action-Not Available
Vendor-n/aOracle Corporation
Product-glassfish_servern/a
CVE-2008-1831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.14% / 77.51%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the Siebel SimBuilder component in Oracle Siebel Enterprise 7.8.2 and 7.8.5 have unknown impact and remote or local attack vectors, aka (1) SEBL01, (2) SEBL02, (3) SEBL03, (4) SEBL04, (5) SEBL05, and (6) SEBL06.

Action-Not Available
Vendor-n/aOracle Corporation
Product-siebel_enterprisen/a
CVE-2016-3556
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-2.56% / 84.94%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-08 May, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to EM Integration.

Action-Not Available
Vendor-n/aOracle Corporation
Product-agile_product_lifecycle_managementn/a
CVE-2016-3493
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-3.60% / 87.30%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Security Models.

Action-Not Available
Vendor-n/aOracle Corporation
Product-hyperion_financial_reportingn/a
CVE-2016-3468
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-3.38% / 86.88%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install.

Action-Not Available
Vendor-n/aOracle Corporation
Product-agile_engineering_data_managementn/a
CVE-2008-1825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.12%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_server_9in/a
CVE-2016-3444
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-3.38% / 86.88%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install.

Action-Not Available
Vendor-n/aOracle Corporation
Product-retail_integration_busn/a
CVE-2005-3463
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.17% / 86.42%
||
7 Day CHG-0.67%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprisen/a
CVE-2016-3499
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-5.25% / 89.59%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0 and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.

Action-Not Available
Vendor-n/aOracle Corporation
Product-weblogic_servern/a
CVE-2016-3551
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-4.00% / 87.98%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack.

Action-Not Available
Vendor-n/aOracle Corporation
Product-weblogic_servern/a
CVE-2016-3586
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-12.86% / 93.77%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3510.

Action-Not Available
Vendor-n/aOracle Corporation
Product-weblogic_servern/a
CVE-2005-3465
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.42% / 86.98%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01.

Action-Not Available
Vendor-jdedwardsn/aOracle Corporation
Product-enterpriseoneoneworld_xen/a
CVE-2016-3427
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.63% / 99.83%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-02||Apply updates per vendor instructions.

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Action-Not Available
Vendor-n/aNetApp, Inc.Debian GNU/LinuxRed Hat, Inc.SUSECanonical Ltd.The Apache Software FoundationOracle CorporationopenSUSE
Product-oncommand_workflow_automationoncommand_performance_managerlinux_enterprise_serveroncommand_shiftmanager_proxyenterprise_linux_server_eusoncommand_unified_managerjdkoncommand_reportmanagere-series_santricity_web_servicesdebian_linuxlinuxvasa_provider_for_clustered_data_ontape-series_santricity_management_plug-insenterprise_linux_server_ausstoragegridjrockitleapopensuseenterprise_linux_desktope-series_santricity_storage_managersatelliteenterprise_linux_serverenterprise_linux_euslinux_enterprise_module_for_legacyopenstack_cloudlinux_enterprise_desktoplinux_enterprise_software_development_kitoncommand_insightoncommand_balanceubuntu_linuxoncommand_cloud_managerenterprise_linux_server_tusenterprise_linux_workstationjrecassandravirtual_storage_consolen/aJava SE and JRockit
CWE ID-CWE-284
Improper Access Control
CVE-2008-1826
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.14% / 77.51%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05.

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suiten/a
CVE-2016-1930
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.12% / 83.45%
||
7 Day CHG~0.00%
Published-31 Jan, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aMozilla CorporationOracle CorporationopenSUSE
Product-leapfirefoxopensuselinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3613
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-5.24% / 89.58%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to OpenSSL.

Action-Not Available
Vendor-n/aOracle Corporation
Product-secure_global_desktopn/a
CVE-2008-1812
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.12%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_9iapplication_servern/a
CVE-2016-1962
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.44% / 88.61%
||
7 Day CHG~0.00%
Published-13 Mar, 2016 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.

Action-Not Available
Vendor-n/aMozilla CorporationOracle CorporationopenSUSE
Product-firefoxopensuselinuxn/a
CVE-2008-1823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.12%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.14 has unknown impact and remote attack vectors, aka AS01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jinitiatorn/a
CVE-2008-1822
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.12%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_expressn/a
CVE-2008-1827
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.78% / 85.49%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown impact and attack vectors related to (a) Advanced Pricing component, aka (1) APP02, (2) APP03, and (3) APP09; (b) Application Object Library component, aka (4) APP04, (5) APP07, and (6) APP11; (c) Applications Manager component, aka (7) APP06; (d) and Applications Technology Stack component, aka (8) APP08.

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suite_12e-business_suite_11in/a
CVE-2005-3449
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.63% / 81.11%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_servern/a
CVE-2005-3445
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.02% / 83.02%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_serverdatabase_servern/a
CVE-2016-0705
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-38.43% / 97.14%
||
7 Day CHG-5.90%
Published-03 Mar, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.

Action-Not Available
Vendor-n/aGoogle LLCOpenSSLDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-mysqlubuntu_linuxopenssldebian_linuxandroidn/a
CVE-2016-0494
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.77% / 91.58%
||
7 Day CHG~0.00%
Published-21 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationCanonical Ltd.
Product-jreubuntu_linuxjdkn/a
CVE-2016-0639
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-17.04% / 94.73%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle Corporation
Product-enterprise_linuxmysqln/a
CVE-2016-0483
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-12.01% / 93.52%
||
7 Day CHG~0.00%
Published-21 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.

Action-Not Available
Vendor-n/aOracle CorporationCanonical Ltd.
Product-jrockitjrejdkubuntu_linuxn/a
CVE-2016-0686
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.6||CRITICAL
EPSS-5.41% / 89.76%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-6015
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-19.92% / 95.25%
||
7 Day CHG~0.00%
Published-22 Jan, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file.

Action-Not Available
Vendor-n/aOracle Corporation
Product-outside_in_technologyn/a
CVE-2008-0345
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.72% / 81.61%
||
7 Day CHG~0.00%
Published-17 Jan, 2008 | 22:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprise_peopletoolse-business_suitecollaboration_suiteapplication_serverdatabase_servern/a
CVE-2015-4883
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.74% / 92.13%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4860
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.74% / 92.13%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2008-0341
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.30% / 84.09%
||
7 Day CHG~0.00%
Published-17 Jan, 2008 | 22:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CVE-2015-4760
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.69% / 92.11%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4843
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-22.06% / 95.57%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4915
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.47% / 84.64%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Management.

Action-Not Available
Vendor-n/aOracle Corporation
Product-oracle_and_sun_systems_product_suiten/a
CVE-2008-0348
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.72% / 81.61%
||
7 Day CHG~0.00%
Published-17 Jan, 2008 | 22:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprise_peopletoolse-business_suitecollaboration_suiteapplication_serverdatabase_servern/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found