Vulnerabilities > Oracle > Application Server

DATE CVE VULNERABILITY TITLE RISK

2020-04-21 CVE-2020-1967 NULL Pointer Dereference vulnerability in multiple products
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension.
Risk: 7.5

2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Risk: 4.7

2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network | high complexity | openssl canonical debian nodejs netapp oracle | CWE-327
Risk: 5.9

2010-01-13 CVE-2010-0070 Remote Oracle Containers for J2EE vulnerability in Oracle Application Server 10.1.2.3/10.1.3.4
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors.
network | oracle
Risk: 4.3

2010-01-13 CVE-2010-0067 Remote Oracle Containers for J2EE vulnerability in Oracle Application Server 10.1.2.3/10.1.3.4
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors.
network | low complexity | oracle
Risk: 5.0

2010-01-13 CVE-2010-0066 Access Manager Identity Server Remote vulnerability in Oracle Application Server 10.1.4.2/7.0.4.3
Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.
network | low complexity | oracle
Risk: 5.0

2010-01-13 CVE-2009-3412 Local Unzip vulnerability in Oracle Application Server and Database Server
Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.
local | high complexity | oracle
Risk: 1.0

2009-10-22 CVE-2009-3407 Remote Portal vulnerability in Oracle Application Server 10.1.2.3/10.1.4.2
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983.
network | oracle
Risk: 4.3

2009-10-22 CVE-2009-1999 Remote vulnerability in Oracle Business Intelligence Enterprise Edition
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors.
network | oracle
Risk: 4.3

2009-10-22 CVE-2009-1990 Unspecified vulnerability in Oracle Application Server 10.1.3.4.1
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.
local | low complexity | oracle
Risk: 1.7