Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-28 | CVE-2013-1861 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error. | 5.0 |
| 2013-03-18 | CVE-2013-1495 | Link Following vulnerability in Oracle Support Tools asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp. | 6.9 |
| 2013-03-15 | CVE-2013-2566 | Inadequate Encryption Strength vulnerability in multiple products The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | 4.3 |
| 2013-02-20 | CVE-2013-1485 | Security Bypass vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | 5.0 |
| 2013-02-02 | CVE-2013-1473 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment. | 5.0 |
| 2013-02-02 | CVE-2013-0449 | Java Runtime Environment Remote Security vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | 5.0 |
| 2013-02-02 | CVE-2013-0448 | Remote Java Runtime Environment vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. | 5.0 |
| 2013-02-02 | CVE-2013-0443 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. | 4.0 |
| 2013-02-02 | CVE-2013-0440 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. | 5.0 |
| 2013-02-02 | CVE-2013-0438 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | 4.3 |