CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21994
https://notcve.org/view.php?id=CVE-2023-21994
Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Mobile Security Suite accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujul2023.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4899
https://notcve.org/view.php?id=CVE-2015-4899
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to Security. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Security. • http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html http://www.securitytracker.com/id/1033875 •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2598
https://notcve.org/view.php?id=CVE-2015-2598
Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad. Vulnerabilidad no especificada en la aplicación móvil en Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware en la versión anterior a 11.1.1.7.0 (11.6.39), permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos relacionados con Móviles - iPad. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2623
https://notcve.org/view.php?id=CVE-2015-2623
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related to Java Server Faces. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2, y en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0 y 12.1.3.0, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Java Server Faces. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securitytracker.com/id/1032953 •
CVSS: 7.5EPSS: 94%CPEs: 5EXPL: 0CVE-2015-4745 – Oracle Endeca Information Discovery Integrator ETL Server File Download Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4745
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-2606. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0 y 3.1, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Integrator, una vulnerabilidad diferente a CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605 y CVE-2015-2606. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists within the handling of file downloads. The issue lies in the failure to sanitize the path of files to be downloaded. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75750 http://www.zerodayinitiative.com/advisories/ZDI-15-357 •