Vulnerabilities > Oracle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-27 | CVE-2016-2047 | 7PK - Security Features vulnerability in multiple products The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com." | 4.3 |
| 2016-01-22 | CVE-2015-6015 | Local Security vulnerability in Oracle Outside in Technology 8.5.0/8.5.1/8.5.2 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. | 10.0 |
| 2016-01-22 | CVE-2015-6014 | Local Security vulnerability in Oracle Outside in Technology 8.5.0/8.5.1/8.5.2 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6015, and CVE-2016-0432. | 10.0 |
| 2016-01-22 | CVE-2015-6013 | Local Security vulnerability in Oracle Outside in Technology 8.5.0/8.5.1/8.5.2 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432. | 10.0 |
| 2016-01-21 | CVE-2016-0618 | Local Security vulnerability in Oracle Solaris 11 Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones. | 1.4 |
| 2016-01-21 | CVE-2016-0616 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | 4.0 |
| 2016-01-21 | CVE-2016-0614 | Remote Security vulnerability in Oracle Business Intelligence Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors. | 4.0 |
| 2016-01-21 | CVE-2016-0611 | Improper Access Control vulnerability in multiple products Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | 4.0 |
| 2016-01-21 | CVE-2016-0610 | Remote Security vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | 3.5 |
| 2016-01-21 | CVE-2016-0609 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges. | 1.7 |