CVSS: 9.6EPSS: 8%CPEs: 4EXPL: 2CVE-2014-6577
https://notcve.org/view.php?id=CVE-2014-6577
21 Jan 2015 — Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial... • https://github.com/SecurityArtWork/oracle-xxe-sqli •
CVSS: 9.9EPSS: 0%CPEs: 4EXPL: 0CVE-2014-6578
https://notcve.org/view.php?id=CVE-2014-6578
21 Jan 2015 — Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SDO_TOPO and WMSYS.LT. Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a través de vecto... • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-6514
https://notcve.org/view.php?id=CVE-2014-6514
21 Jan 2015 — Unspecified vulnerability in the PL/SQL component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente PL/sQL de Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4 y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6477
https://notcve.org/view.php?id=CVE-2014-6477
23 Nov 2014 — Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6547. NOTE: this issue was originally mapped to CVE-2014-4301, but CVE-2014-4301 is for an unrelated vulnerability. Vulnerabilidad no especificada en... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2014-6488
https://notcve.org/view.php?id=CVE-2014-6488
15 Oct 2014 — Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management. Vulnerabilidad sin especificar en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform: 10.2... • http://secunia.com/advisories/61727 •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6537
https://notcve.org/view.php?id=CVE-2014-6537
15 Oct 2014 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad sin especificar en el componente Java VM en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite usuarios autenticados remotos afectar a la confidencialidad, la integridad, y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6538
https://notcve.org/view.php?id=CVE-2014-6538
15 Oct 2014 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-4295, and CVE-2014-6563. Vulnerabilidad sin especificar en el componente Java VM en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar a la confidencialidad a través de vector... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6542
https://notcve.org/view.php?id=CVE-2014-6542
15 Oct 2014 — Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6452, and CVE-2014-6454. Vulnerabilidad sin especificar en el componente SQLJ en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar a la confidencia... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2014-6544
https://notcve.org/view.php?id=CVE-2014-6544
15 Oct 2014 — Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-4289. Vulnerabilidad no especificada en el componente JDBC en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4 y 12.1.0.1 permite a usuarios autenticados remotos afectar a la confidencialidad e integridad a través de vectores desconocidos, una vulnerabilida... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6545
https://notcve.org/view.php?id=CVE-2014-6545
15 Oct 2014 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6467, and CVE-2014-6560. Vulnerabilidad sin especificar en el componente Java VM en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar a la confid... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •