NotCVE - vendor:"Oracle" product:"Fusion Middleware"

Page 17 of 328 results (0.006 seconds)

CVSS: 7.5EPSS: 94%CPEs: 5EXPL: 0

CVE-2015-2604 – Oracle Endeca Information Discovery Integrator ETL Server CopyFile Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-2604

Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones 2.2.2, 2.3, 2.4, 3.0 y 3.1, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Integrator, una vulnerabilidad diferente a CVE-2015-2602, CVE-2015-2603, CVE-2015-2605, CVE-2015-2606 y CVE-2015-4745. This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the CopyFile endpoint. The issue lies in the failure to properly sanitize the path of files. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75757 http://www.zerodayinitiative.com/advisories/ZDI-15-354 •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-0461

https://notcve.org/view.php?id=CVE-2015-0461

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Authentication Engine. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 11.1.1.5 y 11.1.1.7 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con Authentication Engine. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securitytracker.com/id/1032131 •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-0482

https://notcve.org/view.php?id=CVE-2015-0482

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 12.1.2.0 y 12.1.3.0 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con WLS-WebServices. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securitytracker.com/id/1032131 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-0456

https://notcve.org/view.php?id=CVE-2015-0456

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. Vulnerabilidad no especificada en el componente Oracle WebCenter Portal en Oracle Fusion Middleware 11.1.1.8.0 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Portlet Services. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securitytracker.com/id/1032131 •

CVSS: 1.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2015-0474 – Oracle - Outside-In '.DOCX' File Parsing Memory Corruption

https://notcve.org/view.php?id=CVE-2015-0474

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493. Vulnerabilidad no especificada en el componente Oracle Outside In Technology en Oracle Fusion Middleware 8.4.1, 8.5.0, y 8.5.1 permite a usuarios locales afectar la disponibilidad a través de vectores desconocidos relacionados con Outside In Filters, una vulnerabilidad diferente a CVE-2015-0493. • https://www.exploit-db.com/exploits/36788 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securityfocus.com/bid/74139 http://www.securitytracker.com/id/1032131 •

1...15 16 17 18 19