Vulnerabilities > Oracle > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-16 | CVE-2014-5353 | Null Pointer Dereference vulnerability in multiple products The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. | 3.5 |
| 2014-12-12 | CVE-2014-8134 | The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. | 3.3 |
| 2014-11-24 | CVE-2014-8991 | pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. | 2.1 |
| 2014-10-15 | CVE-2014-6487 | Remote Security vulnerability in Oracle Identity Manager Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service. network oracle | 3.5 |
| 2014-10-15 | CVE-2014-6488 | Remote Security vulnerability in Oracle products Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management. | 2.1 |
| 2014-10-15 | CVE-2014-6502 | Unspecified vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries. | 2.6 |
| 2014-10-15 | CVE-2014-6527 | Unspecified vulnerability in Oracle JRE 1.7.0/1.8.0 Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476. | 2.6 |
| 2014-10-15 | CVE-2014-6536 | Remote Security vulnerability in Oracle Supply Chain products Suite 9.3.3 Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security. network oracle | 3.5 |
| 2014-10-15 | CVE-2014-6540 | Local Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests. local oracle | 1.9 |
| 2014-10-15 | CVE-2014-6543 | Remote Security vulnerability in Oracle Supply Chain products Suite 9.3.3 Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to ITEM (Item & BOM). | 3.6 |