Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-07-17 | CVE-2011-3562 | Unspecified vulnerability in Oracle Fusion Middleware 11.1.1.5.0/11.1.1.6.0/11.1.2.0 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors. network oracle | 4.3 |
| 2012-07-03 | CVE-2012-0876 | Resource Exhaustion vulnerability in multiple products The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. | 4.3 |
| 2012-06-26 | CVE-2012-2122 | Improper Authentication vulnerability in multiple products sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value. | 5.1 |
| 2012-06-16 | CVE-2012-1726 | Remote Java Runtime Environment vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | 6.4 |
| 2012-06-16 | CVE-2012-1724 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. | 5.0 |
| 2012-06-16 | CVE-2012-1719 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. | 5.0 |
| 2012-06-16 | CVE-2012-1718 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | 5.0 |
| 2012-05-03 | CVE-2012-1708 | Remote Application Express vulnerability in Oracle Database Server 4.0/4.1 Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors. network oracle | 4.3 |
| 2012-05-03 | CVE-2012-1707 | Remote vulnerability in Oracle FLEXCUBE Direct Banking Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Core-Base, a different vulnerability than CVE-2012-1704. | 4.0 |
| 2012-05-03 | CVE-2012-1706 | Remote vulnerability in Oracle FLEXCUBE Direct Banking Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Logging. | 4.7 |