Filtered by vendor Oracle
Subscriptions
Total
9866 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-4216 | 2 Oracle, Redhat | 4 Jdk, Jre, Enterprise Linux and 1 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
CVE-2014-4214 | 2 Oracle, Suse | 3 Mysql, Linux Enterprise Desktop, Linux Enterprise Server | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP. | ||||
CVE-2014-4211 | 1 Oracle | 1 Fusion Middleware | 2024-08-06 | N/A |
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. | ||||
CVE-2014-4207 | 5 Debian, Mariadb, Oracle and 2 more | 10 Debian Linux, Mariadb, Mysql and 7 more | 2024-08-06 | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. | ||||
CVE-2014-3673 | 7 Canonical, Debian, Linux and 4 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-08-06 | 7.5 High |
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. | ||||
CVE-2014-3647 | 7 Canonical, Debian, Linux and 4 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2024-08-06 | 5.5 Medium |
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | ||||
CVE-2014-3687 | 8 Canonical, Debian, Linux and 5 more | 15 Ubuntu Linux, Debian Linux, Linux Kernel and 12 more | 2024-08-06 | 7.5 High |
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. | ||||
CVE-2014-3707 | 7 Apple, Canonical, Debian and 4 more | 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more | 2024-08-06 | N/A |
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information. | ||||
CVE-2014-3566 | 11 Apple, Debian, Fedoraproject and 8 more | 28 Mac Os X, Debian Linux, Fedora and 25 more | 2024-08-06 | 3.4 Low |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | ||||
CVE-2014-3576 | 3 Apache, Oracle, Redhat | 5 Activemq, Business Intelligence Publisher, Fusion Middleware and 2 more | 2024-08-06 | N/A |
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command. | ||||
CVE-2014-3581 | 4 Apache, Canonical, Oracle and 1 more | 12 Http Server, Ubuntu Linux, Enterprise Manager Ops Center and 9 more | 2024-08-06 | N/A |
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. | ||||
CVE-2014-3532 | 6 Debian, Freedesktop, Linux and 3 more | 6 Debian Linux, Dbus, Linux Kernel and 3 more | 2024-08-06 | N/A |
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded. | ||||
CVE-2014-3480 | 6 Debian, File Project, Opensuse and 3 more | 7 Debian Linux, File, Opensuse and 4 more | 2024-08-06 | N/A |
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. | ||||
CVE-2014-3487 | 6 Debian, File Project, Opensuse and 3 more | 7 Debian Linux, File, Opensuse and 4 more | 2024-08-06 | N/A |
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. | ||||
CVE-2014-3479 | 6 Debian, File Project, Opensuse and 3 more | 7 Debian Linux, File, Opensuse and 4 more | 2024-08-06 | N/A |
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file. | ||||
CVE-2014-3153 | 6 Canonical, Linux, Opensuse and 3 more | 13 Ubuntu Linux, Linux Kernel, Opensuse and 10 more | 2024-08-06 | 7.8 High |
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. | ||||
CVE-2014-3145 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-08-06 | N/A |
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. | ||||
CVE-2014-3144 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-08-06 | N/A |
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. | ||||
CVE-2014-2880 | 1 Oracle | 1 Identity Manager | 2024-08-06 | N/A |
Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backUrl parameter in a changepwd action to identity/faces/firstlogin. | ||||
CVE-2014-2678 | 4 Fedoraproject, Linux, Oracle and 1 more | 6 Fedora, Linux Kernel, Linux and 3 more | 2024-08-06 | N/A |
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. |