CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0CVE-2015-2635
https://notcve.org/view.php?id=CVE-2015-2635
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality basados en Trillium, una vulnerabilidad diferente a CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-4758 y CVE-2015-4759. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 2.6EPSS: 0%CPEs: 7EXPL: 0CVE-2015-4744
https://notcve.org/view.php?id=CVE-2015-4744
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors related to Java Server Faces. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 2.1.1, 3.0.1 y 3.1.2; y en el Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0 y 12.1.3.0, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Java Server Faces. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securitytracker.com/id/1032953 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4751
https://notcve.org/view.php?id=CVE-2015-4751
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 11.1.1.7 y 11.1.2.2, permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con Authentication Engine. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 7.5EPSS: 94%CPEs: 5EXPL: 0CVE-2015-2606 – Oracle Endeca Information Discovery Integrator ETL Server RenameFile Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2606
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones 2.2.2, 2.3, 2.4, 3.0 y 3.1, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Integrator, una vulnerabilidad diferente a CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605 y CVE-2015-4745. This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the RenameFile endpoint. The issue lies in the failure to properly sanitize the path of files. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75758 http://www.zerodayinitiative.com/advisories/ZDI-15-352 •
CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0CVE-2015-2634
https://notcve.org/view.php?id=CVE-2015-2634
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. Vulnerabilidad no especificada en el componente Oracle Data Integrator en Oracle Fusion Middleware 11.1.1.3.0, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Data Quality basados en Trillium, una vulnerabilidad diferente a CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758 y CVE-2015-4759. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •