Filtered by vendor Oracle
Subscriptions
Total
9864 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-4418 | 1 Oracle | 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise | 2024-08-07 | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51GA through 8.51.05 allows remote attackers to affect confidentiality, integrity, and availability, related to PIA Core Technology. | ||||
CVE-2010-4419 | 1 Oracle | 1 Peoplesoft And Jdedwards Product Suite | 2024-08-07 | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #31 and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture. | ||||
CVE-2010-4177 | 2 Fedoraproject, Oracle | 2 Fedora, Mysql-gui-tools | 2024-08-07 | 5.5 Medium |
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes. | ||||
CVE-2010-4178 | 2 Fedoraproject, Oracle | 2 Fedora, Mysql-gui-tools | 2024-08-07 | 5.5 Medium |
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console | ||||
CVE-2010-3834 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-08-07 | N/A |
Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments." | ||||
CVE-2010-3833 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT." | ||||
CVE-2010-3839 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements. | ||||
CVE-2010-3838 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table." | ||||
CVE-2010-3840 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points. | ||||
CVE-2010-3837 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object. | ||||
CVE-2010-3835 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table. | ||||
CVE-2010-3836 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers. | ||||
CVE-2010-3676 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-08-07 | N/A |
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement. | ||||
CVE-2010-3681 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. | ||||
CVE-2010-3679 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind. | ||||
CVE-2010-3678 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. | ||||
CVE-2010-3683 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. | ||||
CVE-2010-3680 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. | ||||
CVE-2010-3654 | 8 Adobe, Apple, Google and 5 more | 10 Acrobat, Acrobat Reader, Flash Player and 7 more | 2024-08-07 | N/A |
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||||
CVE-2010-3599 | 1 Oracle | 1 Fusion Middleware | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity and availability via unknown vectors related to Import Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can overwrite arbitrary files and execute arbitrary code via a full pathname in the first argument to the WriteJPG method in the NCSECWLib ActiveX control. |