Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-4031

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Aug, 2006 | 22:00
Updated At-07 Aug, 2024 | 18:57
Rejected At-
Credits

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Aug, 2006 | 22:00
Updated At:07 Aug, 2024 | 18:57
Rejected At:
▼CVE Numbering Authority (CNA)

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/21259
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21627
third-party-advisory
x_refsource_SECUNIA
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
third-party-advisory
x_refsource_CERT
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
vendor-advisory
x_refsource_APPLE
http://www.vupen.com/english/advisories/2006/3079
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/bid/19279
vdb-entry
x_refsource_BID
http://www.ubuntu.com/usn/usn-338-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/31226
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
vdb-entry
signature
x_refsource_OVAL
http://docs.info.apple.com/article.html?artnum=305214
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2008-0768.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/21382
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/22080
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21770
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21685
third-party-advisory
x_refsource_SECUNIA
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
x_refsource_CONFIRM
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
x_refsource_CONFIRM
http://securitytracker.com/id?1016617
vdb-entry
x_refsource_SECTRACK
http://bugs.mysql.com/bug.php?id=15195
x_refsource_MISC
http://secunia.com/advisories/30351
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0930
vdb-entry
x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-0083.html
vendor-advisory
x_refsource_REDHAT
https://issues.rpath.com/browse/RPL-568
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2008-0364.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/24479
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21259
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21627
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.vupen.com/english/advisories/2006/3079
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/bid/19279
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.ubuntu.com/usn/usn-338-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/31226
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0768.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/21382
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/22080
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21770
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21685
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://securitytracker.com/id?1016617
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://bugs.mysql.com/bug.php?id=15195
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/30351
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0083.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://issues.rpath.com/browse/RPL-568
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0364.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/24479
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/21259
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21627
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.vupen.com/english/advisories/2006/3079
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/bid/19279
vdb-entry
x_refsource_BID
x_transferred
http://www.ubuntu.com/usn/usn-338-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/31226
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://docs.info.apple.com/article.html?artnum=305214
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0768.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/21382
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/22080
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21770
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21685
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
x_refsource_CONFIRM
x_transferred
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
x_refsource_CONFIRM
x_transferred
http://securitytracker.com/id?1016617
vdb-entry
x_refsource_SECTRACK
x_transferred
http://bugs.mysql.com/bug.php?id=15195
x_refsource_MISC
x_transferred
http://secunia.com/advisories/30351
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/0930
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0083.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://issues.rpath.com/browse/RPL-568
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0364.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/24479
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21259
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21627
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3079
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19279
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-338-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/31226
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0768.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/21382
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/22080
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21770
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21685
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://securitytracker.com/id?1016617
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://bugs.mysql.com/bug.php?id=15195
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/30351
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0083.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-568
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0364.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/24479
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Aug, 2006 | 22:04
Updated At:03 Apr, 2025 | 01:03

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
mysql
mysql
>>mysql>>4.1.0
cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.2
cpe:2.3:a:mysql:mysql:4.1.2:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.3
cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.8
cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.10
cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.12
cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.13
cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.14
cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.15
cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.1
cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.2
cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.3
cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.4
cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.5
cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.5.0.21
cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.10
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.15
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.16
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.17
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.20
cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.22.1.0.1
cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.22.27
cpe:2.3:a:oracle:mysql:3.22.27:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.22.28
cpe:2.3:a:oracle:mysql:3.22.28:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.22.29
cpe:2.3:a:oracle:mysql:3.22.29:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.22.30
cpe:2.3:a:oracle:mysql:3.22.30:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.22.32
cpe:2.3:a:oracle:mysql:3.22.32:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23
cpe:2.3:a:oracle:mysql:3.23:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.0
cpe:2.3:a:oracle:mysql:3.23.0:alpha:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.1
cpe:2.3:a:oracle:mysql:3.23.1:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.2
cpe:2.3:a:oracle:mysql:3.23.2:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.3
cpe:2.3:a:oracle:mysql:3.23.3:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.4
cpe:2.3:a:oracle:mysql:3.23.4:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.5
cpe:2.3:a:oracle:mysql:3.23.5:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.6
cpe:2.3:a:oracle:mysql:3.23.6:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.7
cpe:2.3:a:oracle:mysql:3.23.7:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.8
cpe:2.3:a:oracle:mysql:3.23.8:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.9
cpe:2.3:a:oracle:mysql:3.23.9:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.10
cpe:2.3:a:oracle:mysql:3.23.10:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.11
cpe:2.3:a:oracle:mysql:3.23.11:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.12
cpe:2.3:a:oracle:mysql:3.23.12:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.13
cpe:2.3:a:oracle:mysql:3.23.13:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.14
cpe:2.3:a:oracle:mysql:3.23.14:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.15
cpe:2.3:a:oracle:mysql:3.23.15:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.16
cpe:2.3:a:oracle:mysql:3.23.16:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.17
cpe:2.3:a:oracle:mysql:3.23.17:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.18
cpe:2.3:a:oracle:mysql:3.23.18:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.19
cpe:2.3:a:oracle:mysql:3.23.19:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.20
cpe:2.3:a:oracle:mysql:3.23.20:beta:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.21
cpe:2.3:a:oracle:mysql:3.23.21:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>3.23.22
cpe:2.3:a:oracle:mysql:3.23.22:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

This vulnerability is addressed in the following product releases: MySQL, MySQL, 4.1.21 MySQL, MySQL, 5.0.24

Vendor Statements
Organization : Red Hat
Last Modified : 2008-07-25T00:00:00

This issue was corrected in all affected mysql packages versions as shipped in Red Hat Enterprise Linux or Red Hat Application Stack via: https://rhn.redhat.com/errata/CVE-2006-4031.html This issue did not affect mysql packages as shipped with Red Hat Enterprise Linux 2.1 or 3

References
HyperlinkSourceResource
http://bugs.mysql.com/bug.php?id=15195cve@mitre.org
Exploit
Patch
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.htmlcve@mitre.org
Patch
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.htmlcve@mitre.org
Patch
http://docs.info.apple.com/article.html?artnum=305214cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlcve@mitre.org
N/A
http://secunia.com/advisories/21259cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21382cve@mitre.org
N/A
http://secunia.com/advisories/21627cve@mitre.org
N/A
http://secunia.com/advisories/21685cve@mitre.org
N/A
http://secunia.com/advisories/21770cve@mitre.org
N/A
http://secunia.com/advisories/22080cve@mitre.org
N/A
http://secunia.com/advisories/24479cve@mitre.org
N/A
http://secunia.com/advisories/30351cve@mitre.org
N/A
http://secunia.com/advisories/31226cve@mitre.org
N/A
http://securitytracker.com/id?1016617cve@mitre.org
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2006:149cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2007-0083.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0364.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0768.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/19279cve@mitre.org
Patch
http://www.ubuntu.com/usn/usn-338-1cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2006/3079cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/0930cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-568cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468cve@mitre.org
N/A
http://bugs.mysql.com/bug.php?id=15195af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://docs.info.apple.com/article.html?artnum=305214af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21259af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21382af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21627af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21685af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21770af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22080af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/24479af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/30351af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/31226af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016617af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2006:149af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2007-0083.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0364.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0768.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19279af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ubuntu.com/usn/usn-338-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2006/3079af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0930af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-568af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.mysql.com/bug.php?id=15195
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21259
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21382
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21627
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21685
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21770
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22080
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/24479
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/30351
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/31226
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016617
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0083.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0364.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0768.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19279
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.ubuntu.com/usn/usn-338-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3079
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-568
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.mysql.com/bug.php?id=15195
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21259
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21382
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21627
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21685
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21770
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22080
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/24479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/30351
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/31226
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016617
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:149
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0083.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0364.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0768.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19279
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.ubuntu.com/usn/usn-338-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3079
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-568
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

151Records found
CVE-2020-2741
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.15% / 36.22%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-30 Sep, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-2704
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.22%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Sep, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2020-2681
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.22%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Sep, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2015-4801
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.16% / 37.46%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality via unknown vectors related to Solaris Kernel Zones.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2007-0296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.36% / 57.15%
||
7 Day CHG~0.00%
Published-17 Jan, 2007 | 02:00
Updated-07 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47.11, and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-enterpriseonepeoplesoft_enterprisen/a
CVE-2015-2574
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.16% / 37.73%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality via unknown vectors related to Text Utilities.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2015-2579
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.17% / 38.78%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer.

Action-Not Available
Vendor-n/aOracle Corporation
Product-health_sciences_applicationsn/a
CVE-2020-17521
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 57.17%
||
7 Day CHG~0.00%
Published-07 Dec, 2020 | 19:22
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationOracle Corporation
Product-communications_diameter_signaling_routerretail_bulk_data_integrationhealthcare_data_repositoryretail_store_inventory_managementprimavera_unifierilearningjd_edwards_enterpriseone_orchestratorprimavera_gatewayagile_plm_mcad_connectoragile_engineering_data_managementagile_plmretail_merchandising_systemcommunications_brm_-_elastic_charging_enginesnapcenteratlasinsurance_policy_administrationcommunications_evolved_communications_application_servergroovyhospitality_opera_5communications_services_gatekeeperbusiness_process_management_suiteApache Groovy
CVE-2014-9584
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.15% / 36.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSESUSERed Hat, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serverlinux_kernelenterprise_linux_ausenterprise_linux_eusevergreenenterprise_linux_server_euslinux_enterprise_real_time_extensionlinux_enterprise_desktopdebian_linuxlinuxlinux_enterprise_software_development_kitenterprise_linux_server_ausopensuseenterprise_linux_desktopubuntu_linuxenterprise_linux_server_tusenterprise_linux_workstationlinux_enterprise_workstation_extensionlinux_enterprise_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-6551
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.16% / 37.92%
||
7 Day CHG~0.00%
Published-15 Oct, 2014 | 22:03
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

Action-Not Available
Vendor-n/aSUSEOracle CorporationMariaDB Foundation
Product-solarismariadbmysqllinux_enterprise_desktoplinux_enterprise_workstation_extensionlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2017-3474
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.10% / 27.63%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2017-3240
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.05% / 15.53%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise RDBMS Security. Successful attacks of this vulnerability can result in unauthorized read access to a subset of RDBMS Security accessible data. CVSS v3.0 Base Score 3.3 (Confidentiality impacts).

Action-Not Available
Vendor-Oracle Corporation
Product-database_serverOracle Database
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2006-0369
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.12% / 32.39%
||
7 Day CHG~0.00%
Published-22 Jan, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access

Action-Not Available
Vendor-n/aOracle Corporation
Product-mysqln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-14542
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 17:34
Updated-27 Sep, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2014-1738
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-2.1||LOW
EPSS-0.03% / 6.93%
||
7 Day CHG~0.00%
Published-11 May, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSERed Hat, Inc.Debian GNU/LinuxOracle Corporation
Product-linux_enterprise_high_availability_extensionlinux_kernelenterprise_linux_euslinux_enterprise_real_time_extensionlinux_enterprise_desktopdebian_linuxlinuxlinux_enterprise_servern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2005-2294
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.28% / 50.70%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers.

Action-Not Available
Vendor-n/aOracle Corporation
Product-formsn/a
CVE-2017-3239
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.04% / 12.59%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server executes to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS v3.0 Base Score 3.3 (Confidentiality impacts).

Action-Not Available
Vendor-Oracle Corporation
Product-glassfish_serverGlassFish Server
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2005-2293
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.19%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.

Action-Not Available
Vendor-n/aOracle Corporation
Product-forms_buildern/a
CWE ID-CWE-459
Incomplete Cleanup
CVE-2017-10213
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-0.18% / 40.45%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Hospitality Suite8 executes to compromise Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hospitality Suite8 accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_suite8Hospitality Suite8
CVE-2017-3498
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 22.20%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-3026
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.41%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2678
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 33.03%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-3031
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.09% / 26.06%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:41
Updated-01 Oct, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2969
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.2||MEDIUM
EPSS-0.89% / 74.66%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenteractive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2021-2120
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2004-1349
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 29.79%
||
7 Day CHG~0.00%
Published-19 Jan, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.

Action-Not Available
Vendor-n/aOracle CorporationGNU
Product-solarisgzipn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2002-0568
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-4.80% / 89.08%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.

Action-Not Available
Vendor-n/aOracle Corporation
Product-oracle8iapplication_serveroracle9in/a
CVE-2017-10056
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Property Management Systems). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality 9700 executes to compromise Oracle Hospitality 9700. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality 9700 accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_9700Hospitality 9700
CVE-2019-2501
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.8||LOW
EPSS-0.07% / 20.73%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-19535
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 7.94%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:38
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxOracle Corporation
Product-debian_linuxlinux_kernelsd-wan_edgeleapn/a
CWE ID-CWE-909
Missing Initialization of Resource
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2019-2505
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.8||LOW
EPSS-0.07% / 20.73%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2446
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.61%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2012-2672
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.06% / 17.62%
||
7 Day CHG~0.00%
Published-17 Jun, 2012 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function.

Action-Not Available
Vendor-n/aOracle Corporation
Product-mojarran/a
CVE-2019-2553
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.8||LOW
EPSS-0.07% / 20.73%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2017-10201
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications (subcomponent: Other). The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality e7 executes to compromise Oracle Hospitality e7. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality e7 accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-n/aOracle Corporation
Product-hospitality_e7n/a
CVE-2011-3570
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-18 Jan, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality via unknown vectors related to Calendar Server.

Action-Not Available
Vendor-n/aOracle Corporation
Product-communications_unifiedn/a
CVE-2022-22478
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-30 Jun, 2022 | 16:25
Updated-16 Sep, 2024 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.Apple Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxwindowsspectrum_protect_clientmacosaixSpectrum Protect Client
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-21268
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:22
Updated-24 Sep, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Billing and Revenue Management executes to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Communications Billing and Revenue Management accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-communications_billing_and_revenue_managementCommunications Billing and Revenue Management
CVE-2022-21267
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:22
Updated-24 Sep, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Billing and Revenue Management executes to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Communications Billing and Revenue Management accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-communications_billing_and_revenue_managementCommunications Billing and Revenue Management
CVE-2022-21394
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.94%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:26
Updated-24 Sep, 2024 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2022-21295
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.8||LOW
EPSS-0.05% / 14.11%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:23
Updated-24 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Windows systems only. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2022-21388
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.08% / 24.60%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:26
Updated-24 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Communications Pricing Design Center product of Oracle Communications Applications (component: On Premise Install). Supported versions that are affected are 12.0.0.3.0 and 12.0.0.4.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Pricing Design Center executes to compromise Oracle Communications Pricing Design Center. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Communications Pricing Design Center accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-communications_pricing_design_centerCommunications Pricing Design Center
CVE-2022-21487
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.8||LOW
EPSS-0.07% / 22.12%
||
7 Day CHG~0.00%
Published-19 Apr, 2022 | 20:38
Updated-24 Sep, 2024 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2022-21461
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.82%
||
7 Day CHG~0.00%
Published-19 Apr, 2022 | 20:37
Updated-24 Sep, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Solaris accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2022-0002
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.69% / 70.97%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aOracle CorporationIntel Corporation
Product-celeron_g5900tatom_c3950xeon_gold_5215core_i3-10100core_i5-11400core_i9-7900xceleron_j4125core_i7-10510yxeon_d1700core_i7-12650hxeon_platinum_8260yatom_x5-z8500core_i9-7920xxeon_platinum_8352vceleron_n4120xeon_w-11865mrecore_i9-9960xcore_i5-11600kcore_i9-10900texeon_e-2374gxeon_gold_5218txeon_platinum_8358xeon_platinum_8353hxeon_e-2378core_i5-11260hcore_i7-7820xxeon_platinum_8360ycore_i3-1115g4ecore_i5-10600txeon_gold_5218npentium_gold_g6605core_i7-7800xxeon_w-3275matom_x5-a3940xeon_gold_6336yxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xpentium_gold_g6505txeon_e-2278gexeon_platinum_8253celeron_g5925xeon_silver_4214ypentium_gold_g6505atom_c3758xeon_w-10855mxeon_gold_6252ncore_i9-11900kfxeon_gold_6230txeon_silver_4210rxeon_w-1270core_i3-l13g4atom_c3558rcpentium_gold_g6400atom_c3308xeon_w-3235pentium_gold_g6500tcore_i9-10900txeon_platinum_8280core_i5-8200ycore_i7-10700tecore_i9-10900kpentium_j6425atom_x6425rexeon_gold_5220rxeon_w-11155mrexeon_gold_6252core_i3-10105celeron_j3455ecore_i5-11400tceleron_n4020xeon_d2700core_i7-11700kcore_i5-11400fcore_i7-12700kfcore_i5-10400txeon_w-11955mxeon_w-1290exeon_gold_6246xeon_silver_4214rcore_i7-1185g7core_i7-9700kfcore_i9-10940xceleron_6600hecore_i9-9800xcore_i9-10900xcore_i5-12400fxeon_platinum_9221xeon_gold_6230rceleron_n3350exeon_platinum_8360hlceleron_j4105puma_7core_i7-10700kfatom_x5-z8550xeon_silver_4310tceleron_g5905core_i7-1065g7core_i9-11900kxeon_w-11555mrecore_i9-12900hkxeon_silver_4208core_i5-12450hatom_x5-z8330xeon_gold_5318hpentium_gold_g7400tcore_i5-10600kfcore_i3-1000g1celeron_g6900atom_x5-a3930xeon_w-2225xeon_silver_4314core_i3-1005g1core_i9-10850hceleron_j3355epentium_n6415celeron_n4504xeon_gold_5215lcore_i3-1220pcore_i5-12400tcore_i5-9400fcore_i7-12700txeon_platinum_8352score_i9-12900atom_c3538core_i7-10700xeon_gold_6238atom_x6413eceleron_j6413core_i5-11600kfcore_i5-12500core_i5-8365uatom_x5-a3960xeon_platinum_8376hatom_c3508xeon_w-2245core_i5-1145grexeon_w-3265mxeon_gold_6240lceleron_j3355xeon_gold_6248core_i5-1135g7core_i7-12700xeon_w-1270pcore_i3-1115g4xeon_gold_6258rcore_i5-9600kfxeon_platinum_8256communications_cloud_native_core_binding_support_functionxeon_platinum_9282core_i5-10400xeon_w-1250ppentium_gold_g7400core_i3-1120g4core_i5-1155g7xeon_w-11865mldcore_i7-9700kcore_i5-11400hxeon_gold_6338ncore_i9-11900hceleron_j3455xeon_gold_6328hlcore_i7-12700fcore_i7-1185g7ecore_i3-1110g4core_i3-12100fcore_i3-12100tcore_i7-10810ucore_i3-10300txeon_gold_6330xeon_bronze_3206rxeon_gold_6346xeon_w-3275core_i5-1130g7xeon_gold_6240core_i7-10700exeon_gold_5220core_i7-1260pceleron_g5305ucore_i9-11900core_i5-9600kcore_i5-8265ucore_i3-10100teatom_p5921bcore_i7-10700tcore_i9-9900kfceleron_g5205uxeon_e-2388gcommunications_cloud_native_core_network_exposure_functioncore_i7-11390hxeon_platinum_8268core_i5-1145g7celeron_g5905tcore_i5-9300hcore_i7-10750hcore_i9-10850kxeon_gold_6240rxeon_gold_6330hpentium_gold_g6405xeon_silver_4209tcore_i7-7640xxeon_gold_6338xeon_gold_5315ycore_i9-12900fxeon_e-2278gxeon_silver_4215rxeon_gold_6212ucore_i9-10900epentium_gold_g6400tceleron_g6900tpentium_silver_n6005core_i9-11980hkatom_p5931bxeon_platinum_8380core_i9-11900fxeon_w-3265xeon_silver_4215xeon_platinum_8368xeon_gold_6230ncore_i5-10500tecore_i9-10920xcore_i5-11500core_i9-11950hatom_c3750core_i7-11700core_i5-10500tcore_i5-10600core_i7-1195g7core_i9-10885hceleron_n4500xeon_gold_6338tcore_i5-10310yxeon_platinum_8352mxeon_e-2386gcore_i7-1165g7core_i3-12300xeon_gold_6208uceleron_6305core_i7-11850heatom_c3338xeon_w-1290tepentium_gold_g6405ucore_i5-1145g7exeon_gold_6242atom_x7-e3950core_i7-10700kcore_i3-12300txeon_e-2336core_i5-1030g7celeron_j4025core_i9-10980hkxeon_platinum_8360hxeon_e-2286mcore_i9-9880hxeon_w-11155mlexeon_silver_4210tcore_i7-11370hxeon_gold_5320tceleron_n4100xeon_w-1300core_i5-11500hcore_i5-1035g4core_i5-l16g7core_i9-12900kcore_i5-11600txeon_gold_6342core_i7-1280pcore_i7-8500ycore_i5-10200hcore_i9-9900kpentium_silver_n5030xeon_platinum_8276pentium_silver_j5040xeon_silver_4316atom_c3558rcore_i9-7960xxeon_gold_5220tceleron_n4000core_i5-10400fcore_i5-12600kfceleron_n6211xeon_w-1370core_i7-1160g7atom_c3808xeon_gold_6244xeon_gold_6242rxeon_gold_6330nxeon_w-2275xeon_w-10855xeon_w-2265xeon_gold_6226rcore_i5-12600tcore_i9-12900kfxeon_bronze_3204core_i9-9820xceleron_j4005xeon_gold_5218bxeon_platinum_8354hpentium_silver_n5000xeon_gold_6348hxeon_gold_6328hcore_i7-9750hfcore_i7-1180g7core_i5-12400xeon_e-2288gxeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rxeon_gold_6334core_i5-1035g7xeon_gold_6326core_i3-10105fceleron_n3350xeon_gold_5320xeon_w-2235xeon_gold_6240yceleron_g5900atom_p5962bxeon_w-11855matom_x5-e3940xeon_gold_6238lxeon_w-1390core_i7-10875hxeon_w-3225core_i3-1115grecore_i5-11600xeon_gold_6348core_i7-11700fcore_i3-11100hecore_i5-10400hatom_x6212repentium_gold_7505xeon_gold_6246rceleron_n5105core_i7-12700kcore_i7-8665uxeon_gold_6354core_i7-1270pcore_i3-10305txeon_w-10885mcore_i9-9940xxeon_gold_6312uxeon_gold_5320hcore_i9-9900xcore_i5-10600kcore_i9-7940xcore_i5-10110yxeon_gold_5222core_i7-10850hcore_i5-12600hxeon_platinum_8380hlxeon_gold_6256xeon_gold_6248rxeon_silver_4214core_i7-12700hatom_c3958atom_x6425eatom_c3338rxeon_gold_5318nxeon_platinum_9222core_i3-10105tcore_i5-11300hxeon_gold_5220sxeon_platinum_8260core_i3-1000g4pentium_silver_n6000xeon_platinum_8280lxeon_silver_4309ycore_i9-10900kfcore_m3-8100yxeon_platinum_8356hatom_p5942bcore_i3-10100tatom_c3858pentium_gold_g6600atom_x7-z8700xeon_gold_6314ucore_i9-9980hkxeon_w-11555mlecore_i5-12500hcore_i7-11700tpentium_j4205xeon_w-1390tatom_x5-a3950xeon_silver_4216xeon_platinum_9242core_i5-1140g7core_i7-11700kfcore_i7-10610uxeon_platinum_8362xeon_platinum_8276lxeon_w-2223core_i7-7740xcore_i7-11375hatom_x7-z8750atom_c3850core_i5-11500txeon_gold_6238tatom_c3955core_i9-11900tcore_i5-8210yxeon_platinum_8368qatom_x6427fecore_i7-1060g7core_i5-9400xeon_gold_5318ycore_i7-1185grexeon_silver_4310core_i3-10325xeon_e-2356gatom_c3558xeon_gold_6250celeron_6305exeon_platinum_8260lceleron_n5100atom_c3436lxeon_platinum_8380hxeon_platinum_8270xeon_w-1290txeon_w-3245mxeon_gold_6226core_i5-11320hcore_i5-12600xeon_e-2334xeon_gold_5318score_i7-9850hatom_c3708xeon_w-1350xeon_e-2314core_i3-10305core_i5-1035g1core_i7-11850hxeon_w-1290xeon_w-1390pxeon_silver_4210core_i3-10110ucore_i5-10505atom_x5-z8350xeon_gold_6234atom_c3336core_i3-12100xeon_w-2255xeon_gold_6262vcore_i7-10710uxeon_w-1350pcore_i5-10210ycore_i9-10900xeon_w-1250core_i5-10300hxeon_platinum_8358ppentium_n4200core_i9-12900hatom_x5-e3930xeon_gold_5218atom_x6211epentium_gold_g6500core_i7-11800hceleron_5305upentium_n4200exeon_gold_6238rcore_i3-10300core_i9-10900fcore_i3-1125g4celeron_g5920xeon_e-2278gelcore_i7-8565ucore_i5-1030g4celeron_n3450xeon_e-2378gcore_i5-12600kcommunications_cloud_native_core_policyatom_c3830core_i5-1240pcore_i7-10870hxeon_platinum_8352ycore_i3-10100fcore_i7-10510uxeon_w-1290pxeon_w-3223xeon_gold_5317core_i7-12800hcore_i5-12500tcore_i5-8310ycore_i9-12900tatom_x5-z8300xeon_gold_5217xeon_e-2324gxeon_w-3245xeon_platinum_8376hlatom_x6200fexeon_gold_6210uxeon_gold_6222vcore_i5-1250pcore_i7-10700fcore_i5-10210uxeon_w-2295atom_c3758rcore_i5-10500xeon_platinum_8351nxeon_gold_6230pentium_silver_j5005pentium_gold_g6405tIntel(R) Processors
CVE-2022-0001
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 57.73%
||
7 Day CHG-0.06%
Published-11 Mar, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aOracle CorporationIntel Corporation
Product-celeron_g5900txeon_gold_5215core_i3-10100core_i5-11400core_i9-7900xceleron_j4125core_i7-10510yxeon_d1700core_i7-12650hxeon_platinum_8260ycore_i9-7920xxeon_platinum_8352vceleron_n4120xeon_w-11865mrecore_i9-9960xcore_i5-11600kcore_i9-10900texeon_e-2374gxeon_gold_5218txeon_platinum_8358xeon_platinum_8353hxeon_e-2378core_i5-11260hcore_i7-7820xxeon_platinum_8360ycore_i3-1115g4ecore_i5-10600txeon_gold_5218npentium_gold_g6605core_i7-7800xxeon_w-3275mxeon_gold_6336yxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xpentium_gold_g6505txeon_e-2278gexeon_platinum_8253celeron_g5925xeon_silver_4214ypentium_gold_g6505xeon_w-10855mxeon_gold_6252ncore_i9-11900kfxeon_gold_6230txeon_silver_4210rxeon_w-1270core_i3-l13g4pentium_gold_g6400xeon_w-3235pentium_gold_g6500tcore_i9-10900txeon_platinum_8280core_i5-8200ycore_i7-10700tecore_i9-10900kpentium_j6425atom_x6425rexeon_gold_5220rxeon_w-11155mrexeon_gold_6252core_i3-10105core_i5-11400tceleron_n4020xeon_d2700core_i7-11700kcore_i5-11400fcore_i7-12700kfcore_i5-10400txeon_w-11955mxeon_w-1290exeon_gold_6246xeon_silver_4214rcore_i7-1185g7core_i7-9700kfcore_i9-10940xceleron_6600hecore_i9-9800xcore_i9-10900xcore_i5-12400fxeon_platinum_9221xeon_gold_6230rxeon_platinum_8360hlceleron_j4105core_i7-10700kfxeon_silver_4310tceleron_g5905core_i7-1065g7core_i9-11900kxeon_w-11555mrecore_i9-12900hkxeon_silver_4208core_i5-12450hxeon_gold_5318hpentium_gold_g7400tcore_i5-10600kfcore_i3-1000g1celeron_g6900xeon_w-2225xeon_silver_4314core_i3-1005g1core_i9-10850hpentium_n6415celeron_n4504xeon_gold_5215lcore_i3-1220pcore_i5-12400tcore_i5-9400fcore_i7-12700txeon_platinum_8352score_i9-12900core_i7-10700xeon_gold_6238atom_x6413eceleron_j6413core_i5-11600kfcore_i5-12500core_i5-8365uxeon_platinum_8376hxeon_w-2245core_i5-1145grexeon_w-3265mxeon_gold_6240lxeon_gold_6248core_i5-1135g7core_i7-12700xeon_w-1270pcore_i3-1115g4xeon_gold_6258rcore_i5-9600kfxeon_platinum_8256communications_cloud_native_core_binding_support_functionxeon_platinum_9282core_i5-10400xeon_w-1250ppentium_gold_g7400core_i3-1120g4core_i5-1155g7xeon_w-11865mldcore_i7-9700kcore_i5-11400hxeon_gold_6338ncore_i9-11900hxeon_gold_6328hlcore_i7-12700fcore_i7-1185g7ecore_i3-1110g4core_i3-12100fcore_i3-12100tcore_i7-10810ucore_i3-10300txeon_gold_6330xeon_bronze_3206rxeon_gold_6346xeon_w-3275core_i5-1130g7xeon_gold_6240core_i7-10700exeon_gold_5220core_i7-1260pceleron_g5305ucore_i9-11900core_i5-9600kcore_i5-8265ucore_i3-10100teatom_p5921bcore_i7-10700tcore_i9-9900kfceleron_g5205uxeon_e-2388gcommunications_cloud_native_core_network_exposure_functioncore_i7-11390hxeon_platinum_8268core_i5-1145g7celeron_g5905tcore_i5-9300hcore_i7-10750hcore_i9-10850kxeon_gold_6240rxeon_gold_6330hpentium_gold_g6405xeon_silver_4209tcore_i7-7640xxeon_gold_6338xeon_gold_5315ycore_i9-12900fxeon_e-2278gxeon_silver_4215rxeon_gold_6212ucore_i9-10900epentium_gold_g6400tceleron_g6900tpentium_silver_n6005core_i9-11980hkatom_p5931bxeon_platinum_8380core_i9-11900fxeon_w-3265xeon_silver_4215xeon_platinum_8368xeon_gold_6230ncore_i5-10500tecore_i9-10920xcore_i5-11500core_i9-11950hcore_i7-11700core_i5-10500tcore_i5-10600core_i7-1195g7core_i9-10885hceleron_n4500xeon_gold_6338tcore_i5-10310yxeon_platinum_8352mxeon_e-2386gcore_i7-1165g7core_i3-12300xeon_gold_6208uceleron_6305core_i7-11850hexeon_w-1290tepentium_gold_g6405ucore_i5-1145g7exeon_gold_6242core_i7-10700kcore_i3-12300txeon_e-2336core_i5-1030g7celeron_j4025core_i9-10980hkxeon_platinum_8360hxeon_e-2286mcore_i9-9880hxeon_w-11155mlexeon_silver_4210tcore_i7-11370hxeon_gold_5320tceleron_n4100xeon_w-1300core_i5-11500hcore_i5-1035g4core_i5-l16g7core_i9-12900kcore_i5-11600txeon_gold_6342core_i7-1280pcore_i7-8500ycore_i5-10200hcore_i9-9900kpentium_silver_n5030xeon_platinum_8276pentium_silver_j5040xeon_silver_4316core_i9-7960xxeon_gold_5220tceleron_n4000core_i5-10400fcore_i5-12600kfcore_i7-1160g7celeron_n6211xeon_w-1370xeon_gold_6244xeon_gold_6242rxeon_gold_6330nxeon_w-2275xeon_w-10855xeon_w-2265xeon_gold_6226rcore_i5-12600tcore_i9-12900kfxeon_bronze_3204core_i9-9820xceleron_j4005xeon_gold_5218bxeon_platinum_8354hpentium_silver_n5000xeon_gold_6348hxeon_gold_6328hcore_i7-9750hfcore_i7-1180g7core_i5-12400xeon_e-2288gxeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rxeon_gold_6334core_i5-1035g7xeon_gold_6326core_i3-10105fxeon_w-11855mxeon_gold_5320xeon_w-2235xeon_gold_6240yceleron_g5900atom_p5962bxeon_gold_6238lxeon_w-1390core_i7-10875hxeon_w-3225core_i3-1115grecore_i5-11600xeon_gold_6348core_i7-11700fcore_i3-11100hecore_i5-10400hatom_x6212repentium_gold_7505xeon_gold_6246rceleron_n5105core_i7-12700kcore_i7-8665uxeon_gold_6354core_i7-1270pcore_i3-10305txeon_w-10885mcore_i9-9940xxeon_gold_6312uxeon_gold_5320hcore_i9-9900xcore_i5-10600kcore_i9-7940xcore_i5-10110yxeon_gold_5222core_i7-10850hcore_i5-12600hxeon_platinum_8380hlxeon_gold_6256xeon_gold_6248rxeon_silver_4214core_i7-12700hatom_x6425exeon_gold_5318nxeon_platinum_9222core_i3-10105tcore_i5-11300hxeon_gold_5220sxeon_platinum_8260core_i3-1000g4pentium_silver_n6000xeon_platinum_8280lxeon_silver_4309ycore_i9-10900kfcore_m3-8100yxeon_platinum_8356hatom_p5942bcore_i3-10100tpentium_gold_g6600xeon_gold_6314ucore_i9-9980hkxeon_w-11555mlecore_i5-12500hcore_i7-11700txeon_w-1390txeon_silver_4216xeon_platinum_9242core_i5-1140g7core_i7-11700kfcore_i7-10610uxeon_platinum_8362xeon_platinum_8276lxeon_w-2223core_i7-7740xcore_i7-11375hxeon_gold_6238tcore_i5-11500tcore_i9-11900tcore_i5-8210yxeon_platinum_8368qatom_x6427fecore_i7-1060g7core_i5-9400xeon_gold_5318ycore_i7-1185grexeon_silver_4310core_i3-10325xeon_e-2356gxeon_gold_6250celeron_6305exeon_platinum_8260lceleron_n5100xeon_platinum_8380hxeon_platinum_8270xeon_w-1290txeon_w-3245mxeon_gold_6226core_i5-11320hcore_i5-12600xeon_e-2334xeon_gold_5318score_i7-9850hxeon_w-1350xeon_e-2314core_i3-10305core_i5-1035g1core_i7-11850hxeon_w-1290xeon_w-1390pxeon_silver_4210core_i3-10110ucore_i5-10505xeon_gold_6234core_i3-12100xeon_w-2255xeon_gold_6262vcore_i7-10710uxeon_w-1350pcore_i5-10210ycore_i9-10900xeon_w-1250core_i5-10300hxeon_platinum_8358pcore_i9-12900hxeon_gold_5218atom_x6211epentium_gold_g6500core_i7-11800hceleron_5305uxeon_gold_6238rcore_i3-10300core_i9-10900fcore_i3-1125g4celeron_g5920xeon_e-2278gelcore_i7-8565ucore_i5-1030g4xeon_e-2378gcore_i5-12600kcommunications_cloud_native_core_policycore_i5-1240pcore_i7-10870hxeon_platinum_8352ycore_i3-10100fcore_i7-10510uxeon_w-1290pxeon_w-3223xeon_gold_5317core_i7-12800hcore_i5-12500tcore_i5-8310ycore_i9-12900txeon_gold_5217xeon_e-2324gxeon_w-3245xeon_platinum_8376hlatom_x6200fexeon_gold_6210uxeon_gold_6222vcore_i5-1250pcore_i7-10700fcore_i5-10210uxeon_w-2295core_i5-10500xeon_platinum_8351nxeon_gold_6230pentium_silver_j5005pentium_gold_g6405tIntel(R) Processors
CVE-2017-10219
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Guest Access executes to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_guest_accessHospitality Guest Access
CVE-2017-10189
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Hospitality Suite8 executes to compromise Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hospitality Suite8 accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_suite8Hospitality Suite8
CVE-2017-10169
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Operation Security). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality 9700 executes to compromise Oracle Hospitality 9700. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality 9700 accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_9700Hospitality 9700
CVE-2017-10317
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-0.18% / 39.69%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Suite8 executes to compromise Oracle Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Suite8 accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_suite8Hospitality Suite8
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found