Filtered by vendor Oracle
Subscriptions
Total
10438 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9496 | 5 Canonical, Debian, Libsndfile Project and 2 more | 5 Ubuntu Linux, Debian Linux, Libsndfile and 2 more | 2025-04-12 | N/A |
| The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. | ||||
| CVE-2014-9659 | 5 Canonical, Fedoraproject, Freetype and 2 more | 5 Ubuntu Linux, Fedora, Freetype and 2 more | 2025-04-12 | N/A |
| cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240. | ||||
| CVE-2013-4312 | 3 Linux, Oracle, Redhat | 4 Linux Kernel, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. | ||||
| CVE-2016-0688 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components. | ||||
| CVE-2014-0397 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors." | ||||
| CVE-2014-0413 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426. | ||||
| CVE-2014-0414 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling. | ||||
| CVE-2014-0426 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413. | ||||
| CVE-2014-0436 | 1 Oracle | 1 Hyperion | 2025-04-12 | N/A |
| Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Web Analysis. | ||||
| CVE-2014-0450 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection. | ||||
| CVE-2014-0462 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Openjdk | 2025-04-12 | N/A |
| Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. | ||||
| CVE-2014-0464 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0463. | ||||
| CVE-2014-0465 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console. | ||||
| CVE-2014-1498 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. | ||||
| CVE-2014-1499 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. | ||||
| CVE-2014-1500 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | ||||
| CVE-2014-1501 | 4 Google, Mozilla, Oracle and 1 more | 6 Android, Firefox, Solaris and 3 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. | ||||
| CVE-2014-1506 | 3 Google, Mozilla, Oracle | 3 Android, Firefox, Solaris | 2025-04-12 | N/A |
| Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments. | ||||
| CVE-2014-1507 | 2 Mozilla, Oracle | 2 Firefoxos, Solaris | 2025-04-12 | N/A |
| Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object. | ||||
| CVE-2014-1528 | 7 Canonical, Fedoraproject, Microsoft and 4 more | 8 Ubuntu Linux, Fedora, Windows and 5 more | 2025-04-12 | N/A |
| The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. | ||||