Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Application Server
Total 199 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5517 1 Oracle 2 Application Server, Collaboration Suite 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2 and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS02.
CVE-2007-5516 1 Oracle 1 Application Server 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Process Mgmt & Notification component in Oracle Application Server 10.1.3.3 has unknown impact and remote attack vectors, aka AS01.
CVE-2007-3863 1 Oracle 2 Application Server, Collaboration Suite 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Collaboration Suite 10.1.2, allows context-dependent attackers to have an unknown impact via custom applications that use JBO.SERVER, aka JDEV02.
CVE-2007-3862 1 Oracle 1 Application Server 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01.
CVE-2007-3861 1 Oracle 2 Application Server, Collaboration Suite 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01.
CVE-2007-3859 1 Oracle 3 Application Server, Collaboration Suite, Database Server 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01.
CVE-2007-3854 1 Oracle 9 Apex, Application Server, Collaboration Suite and 6 more 2024-11-21 5.5 MEDIUM N/A
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow.
CVE-2007-3553 1 Oracle 2 Application Server, Rapid Install Web Server 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/MSBEP004/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2130 1 Oracle 4 Application Server, Collaboration Suite, Database Server and 1 more 2024-11-21 9.0 HIGH N/A
Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01.
CVE-2007-2124 1 Oracle 1 Application Server 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05.
CVE-2007-2123 1 Oracle 1 Application Server 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04.
CVE-2007-2122 1 Oracle 1 Application Server 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03.
CVE-2007-2121 1 Oracle 1 Application Server 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the COREid Access component in Oracle Application Server 7.0.4.4 has unknown impact and attack vectors, aka AS02.
CVE-2007-2120 1 Oracle 1 Application Server 2024-11-21 7.8 HIGH N/A
The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.
CVE-2007-2119 1 Oracle 2 Application Server, Database Server 2024-11-21 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary HTML or web script via the EXPTYPE parameter, aka SES01.
CVE-2007-1609 1 Oracle 1 Application Server 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Monitoring Services (DMS) in Oracle Application Server (OAS) 10g 10.1.2.0.0 allows remote attackers to inject arbitrary web script or HTML via the table parameter. NOTE: This may be related to CVE-2002-0563.
CVE-2007-0289 1 Oracle 1 Application Server 2024-11-21 6.4 MEDIUM N/A
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06.
CVE-2007-0288 1 Oracle 1 Application Server 2024-11-21 1.7 LOW N/A
Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.
CVE-2007-0287 1 Oracle 2 Application Server, Collaboration Suite 2024-11-21 1.7 LOW N/A
Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08.
CVE-2007-0286 1 Oracle 2 Application Server, Collaboration Suite 2024-11-21 2.6 LOW N/A
Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07.