Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-21 | CVE-2016-0479 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard. | 6.1 |
| 2016-04-21 | CVE-2016-0469 | Unspecified vulnerability in Oracle Micros C2 9.89.0.0 Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS. | 5.5 |
| 2016-04-21 | CVE-2016-0468 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General. | 5.4 |
| 2016-04-21 | CVE-2016-0408 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.53/8.54/8.55 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component. | 5.4 |
| 2016-04-21 | CVE-2016-0407 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.1/9.2 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration. | 6.5 |
| 2016-04-07 | CVE-2015-2774 | Information Exposure vulnerability in multiple products Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | 5.9 |
| 2016-03-22 | CVE-2016-3115 | Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions. | 6.4 |
| 2016-03-13 | CVE-2016-1965 | 7PK - Security Features vulnerability in multiple products Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property. | 4.3 |
| 2016-03-13 | CVE-2016-1958 | 7PK - Security Features vulnerability in multiple products browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL. | 4.3 |
| 2016-03-13 | CVE-2016-1957 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. | 4.3 |