Filtered by vendor Oracle
Subscriptions
Total
9762 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-5451 | 2 Jdedwards, Oracle | 2 Enterpriseone, Peoplesoft Enterprise | 2024-08-07 | N/A |
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||
CVE-2008-5449 | 1 Oracle | 1 Secure Backup | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5448. | ||||
CVE-2008-5443 | 1 Oracle | 1 Secure Backup | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5442. | ||||
CVE-2008-5447 | 1 Oracle | 1 Enterprise Manager Grid Control 10g | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
CVE-2008-5450 | 1 Oracle | 2 E-business Suite, E-business Suite 12 | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors. | ||||
CVE-2008-5440 | 1 Oracle | 1 Timesten In-memory Database | 2024-08-07 | N/A |
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. | ||||
CVE-2008-5438 | 1 Oracle | 1 Application Server | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. | ||||
CVE-2008-5445 | 1 Oracle | 1 Secure Backup | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service in observiced.exe via malformed private Protocol data that triggers a NULL pointer dereference. | ||||
CVE-2008-5266 | 2 Oracle, Sun | 2 Glassfish Server, Java System Application Server | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751. | ||||
CVE-2008-4609 | 12 Bsd, Bsdi, Cisco and 9 more | 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more | 2024-08-07 | N/A |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | ||||
CVE-2008-4456 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67. | ||||
CVE-2008-4197 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2024-08-07 | 8.8 High |
Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut. | ||||
CVE-2008-4098 | 5 Canonical, Debian, Mysql and 2 more | 5 Ubuntu Linux, Debian Linux, Mysql and 2 more | 2024-08-07 | N/A |
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | ||||
CVE-2008-3978 | 1 Oracle | 1 Database 10g | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
CVE-2008-4016 | 1 Oracle | 1 Collaboration Suite | 2024-08-07 | N/A |
Unspecified vulnerability in the Collaborative Workspaces component in Oracle Collaboration Suite 10.1.2 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||
CVE-2008-3991 | 1 Oracle | 2 Database 10g, Database 9i | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990. | ||||
CVE-2008-3998 | 1 Oracle | 1 E-business Suite | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
CVE-2008-3973 | 1 Oracle | 2 Database 10g, Database 11g | 2024-08-07 | N/A |
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors. | ||||
CVE-2008-4097 | 1 Oracle | 1 Mysql | 2024-08-07 | N/A |
MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079. | ||||
CVE-2008-4017 | 1 Oracle | 1 Application Server | 2024-08-07 | N/A |
Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. |