CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-4300
https://notcve.org/view.php?id=CVE-2014-4300
15 Oct 2014 — Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-6452, CVE-2014-6454, and CVE-2014-6542. Vulnerabilidad sin especificar en el componente SQLJ en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar a la confidencial... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2014-4293
https://notcve.org/view.php?id=CVE-2014-4293
15 Oct 2014 — Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, CVE-2014-6547, and CVE-2014-6477. Vulnerabilidad no especificada en el componente JPublisher en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite ... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-4295
https://notcve.org/view.php?id=CVE-2014-4295
15 Oct 2014 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-6538, and CVE-2014-6563. Vulnerabilidad sin especificar en el componente Java VM en Oracle Database Server 11.1.07, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar a la confidencialidad a través de vectore... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •
CVSS: 5.0EPSS: 97%CPEs: 147EXPL: 6CVE-2014-3566 – SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
https://notcve.org/view.php?id=CVE-2014-3566
15 Oct 2014 — The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. El protocolo SSL 3.0, utilizado en OpenSSL hasta 1.0.1i y otros productos, utiliza relleno (padding) CBC no determinístico, lo que facilita a los atacantes man-in-the-middle obtener datos de texto plano a través de un ataque de relleno (padding) oracle, también conocid... • https://github.com/mikesplain/CVE-2014-3566-poodle-cookbook • CWE-310: Cryptographic Issues CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4236
https://notcve.org/view.php?id=CVE-2014-4236
17 Jul 2014 — Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Core en Oracle Database Server 11.2.0.4 y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4237
https://notcve.org/view.php?id=CVE-2014-4237
17 Jul 2014 — Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Core en Oracle Database Server 11.2.0.4 y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4245
https://notcve.org/view.php?id=CVE-2014-4245
17 Jul 2014 — Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Core en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2408
https://notcve.org/view.php?id=CVE-2014-2408
16 Apr 2014 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege." Vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, y 12.1.0.1 permite a usuarios autenticados remotamente afectar a la confidencialidad e integridad a través de vectores desconocidos rel... • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 9.9EPSS: 8%CPEs: 4EXPL: 0CVE-2014-2406
https://notcve.org/view.php?id=CVE-2014-2406
16 Apr 2014 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges. Vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, y 12.1.0.1 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibili... • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-0377
https://notcve.org/view.php?id=CVE-2014-0377
15 Jan 2014 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors related to SYS tables. Vulnerabilidad no especificada en el componente Core RDBMS de Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4 y 12.1.0.1 que permite a los usuarios remotos autenticados afectar a la confidencialidad a través de vectores relacionados con las tablas de SYS. • http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00007.html •