Oracle

Application Server

198 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-1967

Exploit
  • EPSS 66.69%
  • Published 21.04.2020 14:15:11
  • Last modified 21.11.2024 05:11:45

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur...

4.7

CVE-2018-5407

Exploit
  • EPSS 0.64%
  • Published 15.11.2018 21:29:00
  • Last modified 21.11.2024 04:08:45

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

5.9

CVE-2018-0735

  • EPSS 9.26%
  • Published 29.10.2018 13:29:00
  • Last modified 21.11.2024 03:38:50

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in Ope...

4.3

CVE-2010-0070

  • EPSS 0.64%
  • Published 13.01.2010 01:30:01
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors.

1

CVE-2009-3412

  • EPSS 0.24%
  • Published 13.01.2010 01:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.

5

CVE-2010-0066

  • EPSS 0.64%
  • Published 13.01.2010 01:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.

5

CVE-2010-0067

  • EPSS 0.66%
  • Published 13.01.2010 01:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors.

4.3

CVE-2009-3407

  • EPSS 3.13%
  • Published 22.10.2009 18:30:01
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983.

1.7

CVE-2009-1990

  • EPSS 0.11%
  • Published 22.10.2009 18:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.

4.3

CVE-2009-1999

  • EPSS 1.12%
  • Published 22.10.2009 18:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors.