Oracle Application_server
199 CVEs affecting Oracle Application_server. Latest disclosed: 2020-04-21. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2004-1363 | Critical | 9.8 | 2004-08-04 | Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded af… |
CVE-2020-1967 | High | 7.5 | 2020-04-21 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a res… |
CVE-2018-0735 | Medium | 5.9 | 2018-10-29 | The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorith… |
CVE-2018-5407 | Medium | 4.7 | 2018-11-15 | Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'p… |
CVE-2010-0070 | | 2010-01-13 | Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect inte… | |
CVE-2010-0067 | | 2010-01-13 | Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect conf… | |
CVE-2010-0066 | | 2010-01-13 | Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect i… | |
CVE-2009-3412 | | 2010-01-13 | Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local user… | |
CVE-2009-3407 | | 2009-10-22 | Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown ve… | |
CVE-2009-1999 | | 2009-10-22 | Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers t… | |
CVE-2009-1990 | | 2009-10-22 | Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confid… | |
CVE-2008-7237 | | 2009-09-14 | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to aff… | |
CVE-2008-7236 | | 2009-09-14 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via… | |
CVE-2008-7235 | | 2009-09-14 | Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect int… | |
CVE-2008-7234 | | 2009-09-14 | Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affec… | |
CVE-2008-7233 | | 2009-09-14 | Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote att… | |
CVE-2009-1976 | | 2009-07-14 | Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | |
CVE-2009-0217 | | 2009-07-14 | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tool… | |
CVE-2009-1017 | | 2009-04-15 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated us… | |
CVE-2009-1011 | | 2009-04-15 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, int… |