Max CVSS 10.0 Min CVSS 1.7 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
14-02-2024 - 01:17 28-01-2015 - 19:59
CVE-2014-3566 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
12-09-2023 - 14:55 15-10-2014 - 00:55
CVE-2015-2808 5.0
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial
07-09-2023 - 17:15 01-04-2015 - 02:00
CVE-2014-8101 6.5
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8102 6.5
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8091 4.3
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8100 6.5
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8093 6.5
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possib
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8096 6.5
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds rea
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8092 6.5
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a craft
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8098 6.5
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly exec
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8095 6.5
The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2014-8097 6.5
The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary
13-02-2023 - 00:42 10-12-2014 - 15:59
CVE-2015-4000 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie
09-02-2023 - 16:15 21-05-2015 - 00:59
CVE-2015-1787 2.6
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a Clien
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0291 5.0
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message durin
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0209 6.8
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corrup
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0208 4.3
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0288 5.0
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) v
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0290 5.0
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial o
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0286 5.0
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0285 4.3
The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffin
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0292 7.5
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corru
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0287 5.0
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial o
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0207 5.0
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service (application crash) via crafted DTLS traffic,
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0293 5.0
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY me
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0289 5.0
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2011-3389 4.3
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man
29-11-2022 - 15:56 06-09-2011 - 19:55
CVE-2015-4757 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
20-09-2022 - 20:28 16-07-2015 - 11:00
CVE-2015-2582 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
08-09-2022 - 21:02 16-07-2015 - 10:59
CVE-2015-4752 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
08-09-2022 - 20:59 16-07-2015 - 11:00
CVE-2015-2643 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
08-09-2022 - 20:59 16-07-2015 - 11:00
CVE-2015-2648 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
08-09-2022 - 20:59 16-07-2015 - 11:00
CVE-2015-2620 4.3
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
29-08-2022 - 20:52 16-07-2015 - 10:59
CVE-2015-4733 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4732 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability th
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4736 9.3
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4760 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4731 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4749 4.3
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4748 7.6
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-4729 4.0
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-2638 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2619 5.0
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2596 4.3
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2613 5.0
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2625 2.6
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2601 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2621 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2597 7.2
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2664 6.9
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
13-05-2022 - 14:38 16-07-2015 - 11:00
CVE-2015-2637 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2627 2.6
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2628 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2590 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability th
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2015-2632 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
13-05-2022 - 14:38 16-07-2015 - 10:59
CVE-2013-5704 5.0
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a s
14-04-2022 - 16:47 15-04-2014 - 10:55
CVE-2015-3456 7.7
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
17-11-2021 - 22:15 13-05-2015 - 18:59
CVE-2013-2251 9.3
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
20-10-2020 - 22:15 20-07-2013 - 03:37
CVE-2015-2659 5.0
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security. Per Advisory: <a href="http://www.oracle.com/technetwork/topics/security/cpujul2015-236
08-09-2020 - 12:30 16-07-2015 - 11:00
CVE-2010-4020 3.5
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the smal
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2010-1323 2.6
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distrib
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2010-1324 4.3
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum,
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2015-4756 4.0
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439.
22-04-2019 - 17:48 16-07-2015 - 11:00
CVE-2013-2174 6.8
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string endi
22-04-2019 - 17:48 31-07-2013 - 13:20
CVE-2014-0230 7.8
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (
15-04-2019 - 16:30 07-06-2015 - 23:59
CVE-2014-0227 6.4
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote atta
15-04-2019 - 16:29 16-02-2015 - 00:59
CVE-2015-4737 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.
12-02-2019 - 17:49 16-07-2015 - 11:00
CVE-2015-2594 6.6
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to C
05-02-2019 - 18:01 16-07-2015 - 10:59
CVE-2014-3707 4.3
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to r
30-10-2018 - 16:27 15-11-2014 - 20:59
CVE-2015-0255 6.4
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry r
30-10-2018 - 16:27 13-02-2015 - 15:59
CVE-2014-7809 6.8
Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.
09-10-2018 - 19:53 10-12-2014 - 15:59
CVE-2014-0138 6.4
The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connec
09-10-2018 - 19:36 15-04-2014 - 14:55
CVE-2014-0015 4.0
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
09-10-2018 - 19:35 02-02-2014 - 00:55
CVE-2015-0204 4.3
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak
19-07-2018 - 01:29 09-01-2015 - 02:59
CVE-2012-0036 7.5
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack
10-01-2018 - 02:29 13-04-2012 - 20:55
CVE-2013-2186 7.5
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name i
09-01-2018 - 02:29 28-10-2013 - 21:55
CVE-2015-4771 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.
05-01-2018 - 02:30 16-07-2015 - 11:01
CVE-2015-4767 1.7
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.
05-01-2018 - 02:30 16-07-2015 - 11:00
CVE-2015-4769 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.
05-01-2018 - 02:30 16-07-2015 - 11:01
CVE-2015-4761 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
05-01-2018 - 02:30 16-07-2015 - 11:00
CVE-2015-4772 4.0
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
05-01-2018 - 02:30 16-07-2015 - 11:01
CVE-2015-2617 6.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.
05-01-2018 - 02:30 16-07-2015 - 10:59
CVE-2015-2639 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.
05-01-2018 - 02:30 16-07-2015 - 11:00
CVE-2015-2641 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
05-01-2018 - 02:30 16-07-2015 - 11:00
CVE-2015-2611 4.0
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
05-01-2018 - 02:30 16-07-2015 - 10:59
CVE-2015-2661 2.1
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
05-01-2018 - 02:30 16-07-2015 - 11:00
CVE-2014-3613 5.0
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a s
05-01-2018 - 02:29 18-11-2014 - 15:59
CVE-2014-0139 5.8
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to sp
16-12-2017 - 02:29 15-04-2014 - 14:55
CVE-2014-8275 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-3569 5.0
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon c
15-11-2017 - 02:29 24-12-2014 - 11:59
CVE-2014-3572 5.0
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerK
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-3570 5.0
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-3567 7.1
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an
15-11-2017 - 02:29 19-10-2014 - 01:55
CVE-2015-0205 5.0
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-3571 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation fo
20-10-2017 - 01:29 09-01-2015 - 02:59
CVE-2015-0206 5.0
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading
20-10-2017 - 01:29 09-01-2015 - 02:59
CVE-2015-2591 4.0
Unspecified vulnerability in the PeopleSoft Enterprise Portal - Interaction Hub component in Oracle PeopleSoft Products 9.1.00 allows remote authenticated users to affect integrity via unknown vectors related to Enterprise Portal.
26-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-4770 4.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to UNIX filesystem.
22-09-2017 - 01:29 16-07-2015 - 11:01
CVE-2015-4738 4.0
Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4773 4.0
Unspecified vulnerability in the Hyperion Common Security component in Oracle Hyperion 11.1.2.2, 11.1.2.3, and 11.1.2.4 allows remote authenticated users to affect availability via unknown vectors related to User Account Update.
22-09-2017 - 01:29 16-07-2015 - 11:01
CVE-2015-4765 3.5
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via vectors related to OAM Dashboard.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4739 3.5
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Help screens.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4755 5.0
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows remote attackers to affect confidentiality via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4743 4.0
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to AD Utilities.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4741 3.5
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Dialog popup.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4753 2.1
Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4740 6.0
Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-4728 4.0
Unspecified vulnerability in the Oracle Sourcing component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Bid/Quote creation.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2631 7.2
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rmformat.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2649 3.5
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.22, and 15.0 allows remote authenticated users to affect confidentiality via vectors related to UIF Open UI.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2630 4.3
Unspecified vulnerability in the Technology stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Applet startup.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2622 4.3
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 allows remote attackers to affect integrity via unknown vectors related to Fluid Core.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2615 5.0
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6, 12.1.3, and 12.2.3 allows remote attackers to affect confidentiality via unknown vectors related to Portal.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2616 4.9
Unspecified vulnerability in Oracle Sun Solaris 3.3 and 4.2 allows local users to affect availability via unknown vectors related to DevFS.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-1926 5.5
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2612 4.3
Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect confidentiality via vectors related to LDAP Security Adapter.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2586 4.3
Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect availability via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2655 5.5
Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2589 4.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2585 2.1
Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2652 5.0
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2595 6.5
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2650 4.0
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via unknown vectors related to Multichannel Framework.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2609 4.9
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to CPU performance counters drivers.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2580 1.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2014-1569 7.5
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers
22-09-2017 - 01:29 15-12-2014 - 18:59
CVE-2015-2645 3.5
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2592 3.5
Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulner
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2610 4.3
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Popup windows.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2587 4.3
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2662 1.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-2600 3.5
Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2588 4.3
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect integrity via vectors related to PIA Core Technology.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2629 9.0
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a differen
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2618 2.1
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Input validatio
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2614 4.9
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to NVM Express SSD driver.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2599 4.0
Unspecified vulnerability in the RDBMS Scheduler component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2584 4.0
Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulner
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-2651 3.8
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to Kernel Zones virtualized NIC driver.
22-09-2017 - 01:29 16-07-2015 - 11:00
CVE-2015-0467 4.3
Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors related to Security.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2015-0468 6.0
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
22-09-2017 - 01:29 16-07-2015 - 10:59
CVE-2014-1568 7.5
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31
29-08-2017 - 01:34 25-09-2014 - 17:55
CVE-2015-1803 8.5
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer der
31-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2015-1804 8.5
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds
31-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2015-4750 5.0
Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.2 allows remote attackers to affect availability via vectors related to LDOM Manager.
29-12-2016 - 13:34 16-07-2015 - 11:00
CVE-2015-4763 3.6
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security.
29-12-2016 - 13:31 16-07-2015 - 11:00
CVE-2015-4768 4.0
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, and 6.3.7 allows remote authenticated users to affect confidentiality via unk
29-12-2016 - 13:31 16-07-2015 - 11:00
CVE-2015-4746 4.0
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0.0.7, 6.1.0.3, 6.1.1.5, and 6.2.0.0 allows remote authenticated users to affect confidentiality via unknown vect
29-12-2016 - 13:31 16-07-2015 - 11:00
CVE-2015-4735 5.0
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vect
28-12-2016 - 16:29 16-07-2015 - 11:00
CVE-2015-4744 2.6
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote atta
28-12-2016 - 16:28 16-07-2015 - 11:00
CVE-2015-2646 4.3
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 al
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2623 4.3
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers t
28-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2015-2644 4.3
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect confidentiality via unknown vectors related to Security.
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2663 7.5
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, and 6.3.0 through 6.3.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2658 5.0
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Support.
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2647 5.5
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 a
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2657 4.0
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, and 6.3.0 through 6.3.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Business Pr
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2660 3.6
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality and integrity via vectors related to Oracle Agile PLM Framework.
28-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-4745 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 11:00
CVE-2015-2603 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2015-1802 8.5
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negat
22-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2015-2605 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2015-2602 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2015-2606 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2015-2604 7.5
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related
22-12-2016 - 02:59 16-07-2015 - 10:59
CVE-2013-0249 7.5
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash
08-12-2016 - 03:02 08-03-2013 - 22:55
CVE-2015-3244 4.9
The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, when used in portlets with the default resource serving for GenericPortlet, does not properly restrict access to restricted resources, which allows remote attackers to obtain sens
28-11-2016 - 19:23 16-07-2015 - 11:00
CVE-2013-4545 4.3
cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-th
17-06-2016 - 01:59 23-11-2013 - 11:55
CVE-2013-6422 4.0
The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to
07-04-2016 - 20:55 23-12-2013 - 22:55
CVE-2015-4727 7.5
Unspecified vulnerability in Oracle Virtualization Sun Ray Software before 5.4.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.
21-07-2015 - 11:10 16-07-2015 - 11:00
CVE-2015-4789 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:44 16-07-2015 - 11:01
CVE-2015-4790 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:44 16-07-2015 - 11:01
CVE-2015-4788 3.3
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-47
20-07-2015 - 17:43 16-07-2015 - 11:01
CVE-2015-4787 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:42 16-07-2015 - 11:01
CVE-2015-4786 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:42 16-07-2015 - 11:01
CVE-2015-4774 3.3
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-47
20-07-2015 - 17:41 16-07-2015 - 11:01
CVE-2015-4785 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:41 16-07-2015 - 11:01
CVE-2015-4764 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:37 16-07-2015 - 11:00
CVE-2015-4758 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
20-07-2015 - 17:34 16-07-2015 - 11:00
CVE-2015-4759 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
20-07-2015 - 17:34 16-07-2015 - 11:00
CVE-2015-4754 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 17:32 16-07-2015 - 11:00
CVE-2015-4742 5.0
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.
20-07-2015 - 15:38 16-07-2015 - 11:00
CVE-2015-4751 5.0
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
20-07-2015 - 15:34 16-07-2015 - 11:00
CVE-2015-4747 6.8
Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CEP system.
20-07-2015 - 15:15 16-07-2015 - 11:00
CVE-2015-2656 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 13:47 16-07-2015 - 11:00
CVE-2015-2654 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 13:44 16-07-2015 - 11:00
CVE-2015-2640 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
20-07-2015 - 13:22 16-07-2015 - 11:00
CVE-2015-2653 6.4
Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.1.1, 3.1.2, 11.0, and 11.1 allows remote attackers to affect confidentiality and integrity via unknown vectors
17-07-2015 - 22:09 16-07-2015 - 11:00
CVE-2015-2607 5.0
Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.0.2, 3.1.1, 3.1.2, 11.0, and 11.1 allows remote attackers to affect confidentiality via unknown vectors relate
17-07-2015 - 22:05 16-07-2015 - 10:59
CVE-2015-2581 6.4
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.
17-07-2015 - 13:44 16-07-2015 - 10:59
CVE-2015-4782 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:54 16-07-2015 - 11:01
CVE-2015-4783 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:53 16-07-2015 - 11:01
CVE-2015-4779 3.3
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-47
16-07-2015 - 18:53 16-07-2015 - 11:01
CVE-2015-4781 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:51 16-07-2015 - 11:01
CVE-2015-4778 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:51 16-07-2015 - 11:01
CVE-2015-4777 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:50 16-07-2015 - 11:01
CVE-2015-4776 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:50 16-07-2015 - 11:01
CVE-2015-4780 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:50 16-07-2015 - 11:01
CVE-2015-4775 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:49 16-07-2015 - 11:01
CVE-2015-4784 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:49 16-07-2015 - 11:01
CVE-2015-2635 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 18:37 16-07-2015 - 10:59
CVE-2015-2636 7.5
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 18:36 16-07-2015 - 10:59
CVE-2015-2634 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 18:33 16-07-2015 - 10:59
CVE-2015-2626 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:33 16-07-2015 - 10:59
CVE-2015-2624 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 18:31 16-07-2015 - 10:59
CVE-2015-2583 6.9
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerabilit
16-07-2015 - 17:44 16-07-2015 - 10:59
CVE-2015-2598 3.5
Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad.
16-07-2015 - 17:15 16-07-2015 - 10:59
CVE-2015-2593 7.1
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Configuration Service.
16-07-2015 - 16:52 16-07-2015 - 10:59
CVE-2015-0446 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 16:25 16-07-2015 - 10:59
CVE-2015-0445 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 16:17 16-07-2015 - 10:59
CVE-2015-0444 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 16:15 16-07-2015 - 10:59
CVE-2015-0443 6.8
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a d
16-07-2015 - 16:14 16-07-2015 - 10:59
Back to Top Mark selected
Back to Top