Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2016-04-25 CVE-2016-4051 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
network
low complexity
canonical oracle squid-cache CWE-119
8.8
2016-04-25 CVE-2016-4085 Improper Input Validation vulnerability in multiple products
Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.
network
high complexity
oracle debian wireshark CWE-20
5.9
2016-04-25 CVE-2016-4082 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.
network
high complexity
wireshark debian oracle CWE-119
5.9
2016-04-25 CVE-2016-4079 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.
network
high complexity
debian oracle wireshark CWE-119
5.9
2016-04-21 CVE-2016-3466 Unspecified vulnerability in Oracle Field Service 12.1.1/12.1.2/12.1.3
Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless.
network
low complexity
oracle
critical
9.1
2016-04-21 CVE-2016-3465 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS.
local
low complexity
oracle
5.5
2016-04-21 CVE-2016-3464 Unspecified vulnerability in Oracle Flexcube Direct Banking 12.0.3
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts.
network
low complexity
oracle
5.7
2016-04-21 CVE-2016-3463 Unspecified vulnerability in Oracle Flexcube Direct Banking 12.0.3
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.
network
low complexity
oracle
6.1
2016-04-21 CVE-2016-3462 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.
local
low complexity
oracle
5.5
2016-04-21 CVE-2016-3461 Unspecified vulnerability in Oracle Mysql Enterprise Monitor 3.0.25/3.1.2
Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server.
network
low complexity
oracle
7.2