CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-2479
https://notcve.org/view.php?id=CVE-2014-2479
17 Jul 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores descono... • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0CVE-2014-2493
https://notcve.org/view.php?id=CVE-2014-2493
17 Jul 2014 — Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, and 12.1.2.0.0 allows remote attackers to affect confidentiality and availability via vectors related to ADF Faces. Vulnerabilidad no especificada en el componente Oracle JDeveloper en Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, y 12.1.2.0.0 permite a atacantes remotos afectar la confidencialidad y disponibilidad a través de vectores desconocidos relacionados con ADF Faces. • http://seclists.org/fulldisclosure/2014/Dec/23 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2014-0191 – libxml2: external parameter entity loaded when entity substitution is disabled
https://notcve.org/view.php?id=CVE-2014-0191
12 May 2014 — The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document. La función xmlParserHandlePEReference en parser.c en libxml2 en versiones anteriores a 2.9.2, ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-2470
https://notcve.org/view.php?id=CVE-2014-2470
16 Apr 2014 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, y 12.1.2.0 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionado... • http://secunia.com/advisories/59847 •
CVSS: 7.5EPSS: 97%CPEs: 1EXPL: 3CVE-2014-2424 – Oracle Event Processing FileUploadServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-2424
16 Apr 2014 — Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system. Vulnerabilidad no especificada en el componente Oracle Event Processing en Oracle Fusion Middleware 11.1.1.7.0 permite a los usuarios remotos autenticados afectar a la integridad a través de vectores relacionados con CEP system. This vulnerability allows remote attackers to execute arbitrary code on vulnerable insta... • https://packetstorm.news/files/id/127365 •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2014-2404 – Oracle Access Manager Information Disclosure
https://notcve.org/view.php?id=CVE-2014-2404
16 Apr 2014 — Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate. Vulnerabilidad no especificada en el componente Oracle Access Manager en Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, y 11.1.2.2.0 permite a usuarios remotos autenticados afectar la co... • http://packetstormsecurity.com/files/127047/Oracle-Access-Manager-Information-Disclosure.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0450
https://notcve.org/view.php?id=CVE-2014-0450
15 Apr 2014 — Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection. Vulnerabilidad no especificada en el componente Oracle WebCenter Portal en Oracle Fusion Middleware 11.1.1.7 y 11.1.1.8 permite a usuarios remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con People Connection. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0400
https://notcve.org/view.php?id=CVE-2014-0400
15 Jan 2014 — Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server. Vulnerabilidad no especificada en el componente Oracle Internet Directory de Oracle Fusion Middleware 11.1.1.6 y 11.1.1.7 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores relacionados con OID LDAP server. • http://osvdb.org/102112 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-0391
https://notcve.org/view.php?id=CVE-2014-0391
15 Jan 2014 — Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager de Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 que permite a los atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con el autoservic... • http://osvdb.org/102099 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5900
https://notcve.org/view.php?id=CVE-2013-5900
15 Jan 2014 — Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. Vulnerabilidad no especificada en el componente Oracle Identity Manager en Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con End User Self Service. • http://osvdb.org/102100 •