Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-1770

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-17 Jul, 2012 | 22:39
Updated At-06 Aug, 2024 | 19:08
Rejected At-
Credits

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:17 Jul, 2012 | 22:39
Updated At:06 Aug, 2024 | 19:08
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
vdb-entry
x_refsource_XF
http://www.securitytracker.com/id?1027264
vdb-entry
x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
vdb-entry
signature
x_refsource_OVAL
http://www-01.ibm.com/support/docview.wss?uid=swg21660640
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/118913
third-party-advisory
x_refsource_CERT-VN
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
vendor-advisory
x_refsource_MS
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
x_refsource_CONFIRM
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
vendor-advisory
x_refsource_MS
http://www.securityfocus.com/bid/54541
vdb-entry
x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
http://technet.microsoft.com/security/advisory/2737111
x_refsource_CONFIRM
Hyperlink: http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securitytracker.com/id?1027264
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21660640
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.kb.cert.org/vuls/id/118913
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
Resource:
vendor-advisory
x_refsource_MS
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
Resource:
vendor-advisory
x_refsource_MS
Hyperlink: http://www.securityfocus.com/bid/54541
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://technet.microsoft.com/security/advisory/2737111
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
vdb-entry
x_refsource_XF
x_transferred
http://www.securitytracker.com/id?1027264
vdb-entry
x_refsource_SECTRACK
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21660640
x_refsource_CONFIRM
x_transferred
http://www.kb.cert.org/vuls/id/118913
third-party-advisory
x_refsource_CERT-VN
x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
vendor-advisory
x_refsource_MS
x_transferred
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
x_refsource_CONFIRM
x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
vendor-advisory
x_refsource_MS
x_transferred
http://www.securityfocus.com/bid/54541
vdb-entry
x_refsource_BID
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://technet.microsoft.com/security/advisory/2737111
x_refsource_CONFIRM
x_transferred
Hyperlink: http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securitytracker.com/id?1027264
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21660640
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/118913
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: http://www.securityfocus.com/bid/54541
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://technet.microsoft.com/security/advisory/2737111
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:17 Jul, 2012 | 23:55
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Oracle Corporation
oracle
>>fusion_middleware>>8.3.5.0
cpe:2.3:a:oracle:fusion_middleware:8.3.5.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>fusion_middleware>>8.3.7.0
cpe:2.3:a:oracle:fusion_middleware:8.3.7.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Per: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html 'Outside In Technology is a suite of software development kits (SDKs). It does not have any particular associated protocol. If the hosting software passes data received over the network to Outside In Technology code, the CVSS score would increase to 6.8.'

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspxsecalert_us@oracle.com
N/A
http://technet.microsoft.com/security/advisory/2737111secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21660640secalert_us@oracle.com
N/A
http://www.kb.cert.org/vuls/id/118913secalert_us@oracle.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150secalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.htmlsecalert_us@oracle.com
Vendor Advisory
http://www.securityfocus.com/bid/54541secalert_us@oracle.com
N/A
http://www.securitytracker.com/id?1027264secalert_us@oracle.com
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058secalert_us@oracle.com
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067secalert_us@oracle.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/77003secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882secalert_us@oracle.com
N/A
http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspxaf854a3a-2127-422b-91ae-364da2661108
N/A
http://technet.microsoft.com/security/advisory/2737111af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21660640af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/118913af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/54541af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1027264af854a3a-2127-422b-91ae-364da2661108
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058af854a3a-2127-422b-91ae-364da2661108
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/77003af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://technet.microsoft.com/security/advisory/2737111
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21660640
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/118913
Source: secalert_us@oracle.com
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Source: secalert_us@oracle.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/54541
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1027264
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://technet.microsoft.com/security/advisory/2737111
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21660640
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/118913
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/54541
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1027264
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/77003
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

90Records found
CVE-2019-3005
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.39%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2527
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.52%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.26 and prior to 6.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2877
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.47%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2019-2708
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-1.28% / 78.73%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-berkeley_dbOracle Berkeley DB
CVE-2019-2874
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2012-1769
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-11.08% / 93.18%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2012-1771
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.64% / 69.70%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2012-1773
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.64% / 69.70%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2012-1768
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.64% / 69.70%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-3109.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2019-2873
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2019-2876
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2019-2926
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.3||LOW
EPSS-0.13% / 33.25%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2848
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 18.64%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2019-2984
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.39%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2545
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG-0.04%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDoms IO). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.0 Base Score 4.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2012-3107
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.62% / 69.02%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3108, and CVE-2012-3110.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2019-19922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.81%
||
7 Day CHG-0.02%
Published-22 Dec, 2019 | 19:07
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-ubuntu_linuxdebian_linuxlinux_kernelsd-wan_edgefas\/aff_baseboard_management_controllercloud_backupsolidfire_\&_hci_management_nodee-series_santricity_os_controlleractive_iq_unified_managersteelstore_cloud_integrated_storagehci_baseboard_management_controllersolidfire_baseboard_management_controlleraff_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19645
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 45.90%
||
7 Day CHG~0.00%
Published-09 Dec, 2019 | 15:15
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.Oracle CorporationTenable, Inc.Siemens AG
Product-sinec_infrastructure_network_servicescloud_backupsqliteontap_select_deploy_administration_utilitytenable.scmysql_workbenchn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2019-2577
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.19% / 41.30%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: File Locking Services). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2011-3536
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.14% / 35.14%
||
7 Day CHG~0.00%
Published-18 Oct, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace).

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2022-24736
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-3.3||LOW
EPSS-0.35% / 56.96%
||
7 Day CHG~0.00%
Published-27 Apr, 2022 | 19:55
Updated-22 Apr, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A Malformed Lua script can crash Redis

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.

Action-Not Available
Vendor-Redis Inc.Fedora ProjectOracle CorporationNetApp, Inc.
Product-communications_operations_monitormanagement_services_for_netapp_hcifedoraredismanagement_services_for_element_softwareredis
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-5469
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 28.87%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2016-5613
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 35.72%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.

Action-Not Available
Vendor-n/aOracle Corporation
Product-vm_virtualboxn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-5608
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.35%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613.

Action-Not Available
Vendor-n/aOracle Corporation
Product-vm_virtualboxn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-5615
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.06% / 17.55%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-5471
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 28.87%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2016-3712
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.02%
||
7 Day CHG~0.00%
Published-11 May, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.Citrix (Cloud Software Group, Inc.)Debian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausxenserverqemuenterprise_linux_desktopubuntu_linuxenterprise_linux_server_eusvm_serverenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-3419
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.3||LOW
EPSS-0.16% / 37.16%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.

Action-Not Available
Vendor-n/aOracle Corporation
Product-solarisn/a
CVE-2016-3597
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.85%
||
7 Day CHG~0.00%
Published-21 Jul, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.

Action-Not Available
Vendor-n/aOracle Corporation
Product-vm_virtualboxn/a
CVE-2016-0592
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.09% / 26.62%
||
7 Day CHG~0.00%
Published-21 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle Corporation
Product-vm_virtualboxdebian_linuxn/a
CVE-2020-2951
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.18%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-27 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2006-3486
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.10% / 28.66%
||
7 Day CHG~0.00%
Published-10 Jul, 2006 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability

Action-Not Available
Vendor-mysqln/aOracle Corporation
Product-mysqln/a
CVE-2015-4813
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.06% / 17.26%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle Corporation
Product-vm_virtualboxdebian_linuxn/a
CVE-2015-2661
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.12% / 31.65%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

Action-Not Available
Vendor-n/aOracle CorporationCanonical Ltd.
Product-mysqlubuntu_linuxn/a
CVE-2021-43976
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 2.38%
||
7 Day CHG-0.00%
Published-17 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300eh500scloud_backuph300s_firmwareh410c_firmwarecommunications_cloud_native_core_network_exposure_functionh410sh300scommunications_cloud_native_core_policyh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarecommunications_cloud_native_core_binding_support_functionh700eh410ch700e_firmwareh700sn/a
CVE-2021-39048
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 8.53%
||
7 Day CHG~0.00%
Published-13 Dec, 2021 | 18:35
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.

Action-Not Available
Vendor-HP Inc.IBM CorporationOracle CorporationLinux Kernel Organization, Inc
Product-solarislinux_kernelhp-uxspectrum_protect_for_space_managementaixspectrum_protect_backup-archive_clientSpectrum Protect
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35632
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 16.11%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 10:51
Updated-25 Sep, 2024 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightmysqlsnapcenterMySQL Server
CVE-2021-2111
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 20.81%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-2112
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 20.81%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-20227
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 43.95%
||
7 Day CHG~0.00%
Published-23 Mar, 2021 | 00:00
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-sqliten/aOracle Corporation
Product-enterprise_manager_for_oracle_databasesqlitecommunications_network_charging_and_controlzfs_storage_appliance_kitoutside_in_technologyjd_edwards_enterpriseone_toolsmysql_workbenchsqlite
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • Next
Details not found