Vulnerabilities > Oracle > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-21 | CVE-2016-0641 | Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM. | 5.1 |
2016-04-21 | CVE-2016-0640 | Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML. | 6.1 |
2016-04-21 | CVE-2016-0623 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component. | 4.7 |
2016-04-21 | CVE-2016-0479 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard. | 6.1 |
2016-04-21 | CVE-2016-0469 | Unspecified vulnerability in Oracle Micros C2 9.89.0.0 Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS. | 5.5 |
2016-04-21 | CVE-2016-0468 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General. | 5.4 |
2016-04-21 | CVE-2016-0408 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.53/8.54/8.55 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component. | 5.4 |
2016-04-21 | CVE-2016-0407 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.1/9.2 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration. | 6.5 |
2016-04-07 | CVE-2015-2774 | Information Exposure vulnerability in multiple products Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | 5.9 |
2016-03-22 | CVE-2016-3115 | Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions. | 6.4 |