CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0CVE-2014-2493
https://notcve.org/view.php?id=CVE-2014-2493
17 Jul 2014 — Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, and 12.1.2.0.0 allows remote attackers to affect confidentiality and availability via vectors related to ADF Faces. Vulnerabilidad no especificada en el componente Oracle JDeveloper en Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, y 12.1.2.0.0 permite a atacantes remotos afectar la confidencialidad y disponibilidad a través de vectores desconocidos relacionados con ADF Faces. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-2481
https://notcve.org/view.php?id=CVE-2014-2481
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2480. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a tr... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4211
https://notcve.org/view.php?id=CVE-2014-4211
17 Jul 2014 — Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. Vulnerabilidad no especificada en el componente Oracle WebCenter Portal en Oracle Fusion Middleware 11.1.1.7 y 11.1.1.8 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Portlet Services. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-2480
https://notcve.org/view.php?id=CVE-2014-2480
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2481. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a tr... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2014-4202
https://notcve.org/view.php?id=CVE-2014-4202
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con WLS - Web Services. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2014-0191 – libxml2: external parameter entity loaded when entity substitution is disabled
https://notcve.org/view.php?id=CVE-2014-0191
12 May 2014 — The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document. La función xmlParserHandlePEReference en parser.c en libxml2 en versiones anteriores a 2.9.2, ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-2470
https://notcve.org/view.php?id=CVE-2014-2470
16 Apr 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionado... • http://secunia.com/advisories/59847 •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-2404 – Oracle Access Manager Information Disclosure
https://notcve.org/view.php?id=CVE-2014-2404
16 Apr 2014 — Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, y 11.1.2.2.0 permite a usuarios remotos autenticados afectar la co... • http://packetstormsecurity.com/files/127047/Oracle-Access-Manager-Information-Disclosure.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0450
https://notcve.org/view.php?id=CVE-2014-0450
15 Apr 2014 — Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection. Vulnerabilidad no especificada en el componente Oracle WebCenter Portal en Oracle Fusion Middleware 11.1.1.7 y 11.1.1.8 permite a usuarios remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con People Connection. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5900
https://notcve.org/view.php?id=CVE-2013-5900
15 Jan 2014 — Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager en Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con End User Self Service. • http://osvdb.org/102100 •