Skip to main content
CVE-2015-0459 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.0% and no vendor patch available.

Information Disclosure Java Oracle Jdk Jre +3
NVD
CVSS 2.0
10.0
EPSS
10.0%
CVE-2015-0469 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.6%
CVE-2015-0491 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +3
NVD
CVSS 2.0
10.0
EPSS
7.9%
CVE-2015-0460 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
5.3%
CVE-2015-0492 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Opensuse Linux Enterprise Server +3
NVD
CVSS 2.0
9.3
EPSS
2.0%
CVE-2015-0457 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.5%
CVE-2015-0458 HIGH This Week

Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +2
NVD
CVSS 2.0
7.6
EPSS
7.5%
CVE-2015-2572 MEDIUM POC PATCH This Month

Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Oracle Information Disclosure Microsoft Hyperion Smart View For Office
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
0.5%
CVE-2013-7439 HIGH PATCH This Week

Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Libx11 Ubuntu Linux Debian Linux X11
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2015-0495 HIGH This Week

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.x and 11.x allows remote attackers to affect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Commerce Guided Search And Experience Manager
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-2578 HIGH PATCH This Week

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
7.1
EPSS
1.4%
CVE-2015-0480 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.8
EPSS
7.5%
CVE-2015-0448 HIGH PATCH This Week

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to ZFS File system. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2015-2577 HIGH PATCH This Week

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Accounting commands. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2015-0461 HIGH This Week

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote authenticated users to affect confidentiality and integrity via. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
7.0
EPSS
0.3%
CVE-2015-0484 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +3
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-1821 MEDIUM PATCH This Month

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow Chrony Debian Linux
NVD
CVSS 2.0
6.5
EPSS
2.6%
CVE-2015-1822 MEDIUM PATCH This Month

chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Debian Linux Chrony
NVD
CVSS 2.0
6.5
EPSS
2.1%
CVE-2015-0455 MEDIUM This Month

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2015-0488 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
5.0
EPSS
8.7%
CVE-2015-2570 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
6.5
EPSS
0.9%
CVE-2015-1314 LOW POC Monitor

The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used screen before prompting the user for login, which might allow physically proximate users to obtain. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Mobile Banking
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-0482 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
6.0
EPSS
0.4%
CVE-2015-0501 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Junos Space MySQL Debian Linux +11
NVD
CVSS 2.0
5.7
EPSS
1.7%
CVE-2015-2568 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security :. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Solaris Communications Policy Management MySQL +12
NVD
CVSS 2.0
5.0
EPSS
4.0%
CVE-2015-0493 LOW POC Monitor

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to. Rated low severity (CVSS 1.5). Public exploit code available and no vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD Exploit-DB
CVSS 2.0
1.5
EPSS
0.7%
CVE-2015-0474 LOW POC Monitor

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to. Rated low severity (CVSS 1.5). Public exploit code available and no vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD Exploit-DB
CVSS 2.0
1.5
EPSS
0.5%
CVE-2015-0476 MEDIUM This Month

Unspecified vulnerability in the SQL Trace Analyzer component in Oracle Support Tools before 12.1.11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Sql Trace Analyzer
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2015-2575 MEDIUM PATCH This Month

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Debian Linux Linux Enterprise Desktop Linux Enterprise Server +2
NVD
CVSS 2.0
4.9
EPSS
1.8%
CVE-2015-3323 MEDIUM This Month

The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Thinkserver System Manager Baseboard Management Controller Firmware
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-0478 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
4.3
EPSS
4.1%
CVE-2015-0449 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-3319 MEDIUM This Month

Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hotex Billing Manager
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0486 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +1
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0464 MEDIUM This Month

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0440 MEDIUM This Month

Unspecified vulnerability in the Oracle Knowledge component in Oracle Right Now Service Cloud 8.2.3.10.1 and 8.4.7.2 allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Right Now Service Cloud
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0477 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
3.8%
CVE-2015-3322 MEDIUM PATCH This Month

Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Lenovo Thinkserver Rd650 Firmware Thinkserver Rd650 Thinkserver Td350 Firmware +7
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0490 MEDIUM This Month

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2015-0470 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
1.7%
CVE-2015-0471 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libelfsign. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2015-2565 MEDIUM This Month

Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0466 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 12.0, 12.0IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Microsoft Retail Applications
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0447 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0502 MEDIUM This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0473 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control MOS 12.1.0.5 and 12.1.0.6 allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0456 MEDIUM This Month

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0452 MEDIUM This Month

Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.1 and 3.2 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Vm Server
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0510 MEDIUM This Month

Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Commerce Platform
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0509 MEDIUM This Month

Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Reporting and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Hyperion
NVD
CVSS 2.0
4.3
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy