CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-2479
https://notcve.org/view.php?id=CVE-2014-2479
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores descono... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-2481
https://notcve.org/view.php?id=CVE-2014-2481
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2480. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a tr... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0CVE-2014-4201
https://notcve.org/view.php?id=CVE-2014-4201
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con WLS - Web Services. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0CVE-2014-0191 – libxml2: external parameter entity loaded when entity substitution is disabled
https://notcve.org/view.php?id=CVE-2014-0191
12 May 2014 — The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document. La función xmlParserHandlePEReference en parser.c en libxml2 en versiones anteriores a 2.9.2, ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-2470
https://notcve.org/view.php?id=CVE-2014-2470
16 Apr 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionado... • http://secunia.com/advisories/59847 •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-2404 – Oracle Access Manager Information Disclosure
https://notcve.org/view.php?id=CVE-2014-2404
16 Apr 2014 — Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, y 11.1.2.2.0 permite a usuarios remotos autenticados afectar la co... • http://packetstormsecurity.com/files/127047/Oracle-Access-Manager-Information-Disclosure.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5900
https://notcve.org/view.php?id=CVE-2013-5900
15 Jan 2014 — Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager en Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con End User Self Service. • http://osvdb.org/102100 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-0391
https://notcve.org/view.php?id=CVE-2014-0391
15 Jan 2014 — Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager de Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 que permite a los atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con el autoservic... • http://osvdb.org/102099 •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2013-5785
https://notcve.org/view.php?id=CVE-2013-5785
15 Jan 2014 — Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication. Vulnerabilidad no especificada en el componente Oracle Reports Developer de Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, y 11.1.2.1 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores no e... • http://osvdb.org/102111 •
CVSS: 5.3EPSS: 93%CPEs: 8EXPL: 2CVE-2013-3827 – Oracle GlassFish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
https://notcve.org/view.php?id=CVE-2013-3827
16 Oct 2013 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. Vulnerabilidad no especificada en el componente de Oracle GlassFish Server en Oracle F... • https://www.exploit-db.com/exploits/38802 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •