Vulnerabilities > Oracle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-03 | CVE-2014-1563 | USE After Free vulnerability in multiple products Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection. | 10.0 |
| 2014-08-26 | CVE-2013-6335 | Improper Preservation of Permissions vulnerability in IBM Tivoli Storage Manager The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | 3.3 |
| 2014-07-23 | CVE-2014-1561 | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | 5.8 |
| 2014-07-23 | CVE-2014-1557 | Code Injection vulnerability in multiple products The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. | 9.3 |
| 2014-07-17 | CVE-2014-4271 | Remote Security vulnerability in Oracle Hyperion 11.1.2.2/11.1.2.3 Unspecified vulnerability in the Hyperion Essbase component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect availability via unknown vectors related to Agent. | 5.0 |
| 2014-07-17 | CVE-2014-4270 | Remote Security vulnerability in Oracle Hyperion 11.1.2.2/11.1.2.3 Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4269. | 4.0 |
| 2014-07-17 | CVE-2014-4269 | Remote Security vulnerability in Oracle Hyperion 11.1.2.2/11.1.2.3 Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270. | 4.0 |
| 2014-07-17 | CVE-2014-4268 | Unspecified vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | 5.0 |
| 2014-07-17 | CVE-2014-4267 | Remote Security vulnerability in Oracle WebLogic Server Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components. network oracle | 6.8 |
| 2014-07-17 | CVE-2014-4266 | Unspecified vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability. | 5.0 |