Vulnerabilities > Oracle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-30 | CVE-2014-1528 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. network low complexity canonical opensuse opensuse-project oracle mozilla microsoft fedoraproject CWE-119 critical | 10.0 |
| 2014-04-30 | CVE-2014-1527 | Security vulnerability in Mozilla Firefox for Android Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen. | 5.0 |
| 2014-04-17 | CVE-2014-2880 | Improper Input Validation vulnerability in Oracle Identity Manager 11.1.2.1.0 Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backUrl parameter in a changepwd action to identity/faces/firstlogin. | 5.8 |
| 2014-04-17 | CVE-2014-2469 | Remote Denial of Service vulnerability in Oracle Sunos 5.11.1 Unspecified vulnerability in lighttpd in Oracle Solaris 11.1 allows attackers to cause a denial of service via unknown vectors. | 5.0 |
| 2014-04-16 | CVE-2014-2471 | Remote Security vulnerability in Oracle Ilearning 6.0/6.1 Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. network oracle | 4.3 |
| 2014-04-16 | CVE-2014-2470 | Remote Security vulnerability in Oracle WebLogic Server Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security. | 7.5 |
| 2014-04-16 | CVE-2014-2468 | Remote Security vulnerability in Oracle Siebel CRM 8.1.1/8.2.2 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Open_UI, a different vulnerability than CVE-2014-4230. network oracle | 4.3 |
| 2014-04-16 | CVE-2014-2467 | Remote Security vulnerability in Oracle Supply Chain products Suite 9.3.3 Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2014-2445. network oracle | 3.5 |
| 2014-04-16 | CVE-2014-2466 | Remote Security vulnerability in Oracle Supply Chain products Suite 9.3.3 Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | 2.1 |
| 2014-04-16 | CVE-2014-2465 | Remote Security vulnerability in Oracle Supply Chain products Suite 9.3.3 Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect integrity via unknown vectors related to Security. network oracle | 4.3 |