CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 0CVE-2014-2404
https://notcve.org/view.php?id=CVE-2014-2404
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, y 11.1.2.2.0 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos relacionados con WebGate. • http://packetstormsecurity.com/files/127047/Oracle-Access-Manager-Information-Disclosure.html http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66862 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5900
https://notcve.org/view.php?id=CVE-2013-5900
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager en Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con End User Self Service. • http://osvdb.org/102100 http://secunia.com/advisories/56459 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64838 http://www.securitytracker.com/id/1029613 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-0391
https://notcve.org/view.php?id=CVE-2014-0391
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager de Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 que permite a los atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con el autoservicio de usuario final. • http://osvdb.org/102099 http://secunia.com/advisories/56459 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64829 http://www.securitytracker.com/id/1029613 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2013-5785
https://notcve.org/view.php?id=CVE-2013-5785
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication. Vulnerabilidad no especificada en el componente Oracle Reports Developer de Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, y 11.1.2.1 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores no especificados relacionados con "Security and Authentication". • http://osvdb.org/102111 http://secunia.com/advisories/56465 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64819 http://www.securitytracker.com/id/1029613 •
CVSS: 5.0EPSS: 17%CPEs: 8EXPL: 1CVE-2013-3827 – Oracle GlassFish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
https://notcve.org/view.php?id=CVE-2013-3827
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. Vulnerabilidad no especificada en el componente de Oracle GlassFish Server en Oracle Fusion Middleware 2.1.1, 3.0.1 y 3.1.2, el componente de Oracle JDeveloper de Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0 y 12.1.2.0. 0, y el componente de Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0 y 12.1.1 que permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Java Server Faces o el Web Container. • https://www.exploit-db.com/exploits/38802 http://rhn.redhat.com/errata/RHSA-2014-0029.html http://www.kb.cert.org/vuls/id/526012 http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63052 http://www.securitytracker.com/id/1029190 https://access.redhat.com/security/cve/CVE-2013-3827 https://bugzilla.redhat.com/show_bug.cgi?id=1038898 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •