
CVE-2021-37334
https://notcve.org/view.php?id=CVE-2021-37334
25 Aug 2021 — Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been stored in a temporary directory. By default, files are stored within the application directory structure at %BASEDIR%/APP_DATA/TEMP/FileUploads/. Whilst access to this directory is restricted by the root web.config file, it is poss... • https://umbraco.com/blog/security-advisory-20th-of-july-2021-patch-is-now-available •

CVE-2014-0453 – OpenJDK: RSA unpadding timing issues (Security, 8027766)
https://notcve.org/view.php?id=CVE-2014-0453
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security. The java-1.7.0-open... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •

CVE-2014-0456 – Oracle Java System.arraycopy() Race Condition Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0456
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. This vulnerability allows remote attackers to execute arbitrary cod... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •

CVE-2014-0457 – Oracle Java ScriptEngineManager Sandbox Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0457
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. ... • http://marc.info/?l=bugtraq&m=140852974709252&w=2 •

CVE-2014-0461 – OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)
https://notcve.org/view.php?id=CVE-2014-0461
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Envir... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •

CVE-2014-2398 – OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)
https://notcve.org/view.php?id=CVE-2014-2398
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime E... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •

CVE-2014-2421 – Oracle Java JPEG Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-2421
16 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. This vulnerability allows remote ... • http://marc.info/?l=bugtraq&m=140852886808946&w=2 •

CVE-2014-0429 – OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)
https://notcve.org/view.php?id=CVE-2014-0429
15 Apr 2014 — Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. The jav... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 •

CVE-2005-3207 – Oracle Forms - Servlet TLS Listener Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-3207
14 Oct 2005 — The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command. • https://www.exploit-db.com/exploits/26336 •

CVE-2005-2372
https://notcve.org/view.php?id=CVE-2005-2372
26 Jul 2005 — Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicious .fmx file and referencing it using an absolute pathname argument in the (1) form or (2) module parameters to f90servlet. ... • http://marc.info/?l=bugtraq&m=112180805413784&w=2 •