Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2013-01-17 CVE-2013-0375 Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
network
low complexity
oracle mariadb canonical redhat
5.4
2012-10-16 CVE-2012-0518 Open Redirect vulnerability in Oracle Fusion Middleware 10.1.4.3
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
network
low complexity
oracle CWE-601
4.7
2011-12-30 CVE-2011-4461 Cryptographic Issues vulnerability in multiple products
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
network
low complexity
oracle mortbay CWE-310
5.3
2009-08-19 CVE-2009-2857 Improper Locking vulnerability in Oracle Opensolaris and Solaris
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.
local
low complexity
oracle CWE-667
5.5
2005-07-18 CVE-2005-2293 Incomplete Cleanup vulnerability in Oracle Forms Builder 9.0.4
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.
local
low complexity
oracle CWE-459
5.5