Design/Logic Flaw

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413...

Design/Logic Flaw

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection...

CVE-2014-0413

CVE-2014-0413 affects Oracle Fusion Middleware 10.1.3.5’s Oracle Containers for J2EE component. The vulnerability arises in HTTP request handling, enabling remote attackers to impact integrity. This entry is a separate issue from CVE-2014-0426. Connected sources confirm affected product/component...

CVE-2014-0426

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413...

CVE-2014-0450

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection...

CVE-2014-0414

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling...

CVE-2014-0450

CVE-2014-0450 affects Oracle WebCenter Portal within Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8. It is described as an unspecified information-disclosure vulnerability in the People Connection subcomponent that could allow a remote attacker to affect confidentiality via unknown vectors. The p...

CVE-2014-0426

Technical details for CVE-2014-0426 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation are disclosed here. Monitor for updates from official advisories.

CVE-2014-0414

CVE-2014-0414 affects Oracle Containers for J2EE (Oracle Fusion Middleware 10.1.3.5). The connected sources describe a null byte injection vulnerability in the path handling when transferring a request to another static page or JSP via pageContext.forward or jsp:forward, which can lead to script ...

CVE-2014-0413

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426...

CVE-2014-0105

The authtoken middleware in the OpenStack Python client library for Keystone aka python-keystoneclient before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

CVE-2014-0105

The CVE-2014-0105 issue affects python-keystoneclient

CVE-2014-0105

The authtoken middleware in the OpenStack Python client library for Keystone aka python-keystoneclient before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

python-keystoneclient: Potential context confusion in Keystone middleware

The authtoken middleware in the OpenStack Python client library for Keystone aka python-keystoneclient before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

Moderate: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Oracle Fusion Middleware Remote File Inclusion

A remote file inclusion vulnerability has been reported in the Oracle Reports component of Oracle Fusion Middleware. The vulnerability is due to incorrect website configuration that could allow a remote attacker to execute unauthenticated network attacks over HTTP...

Oracle Fusion Middleware Showenv Servlet Information Disclosure (CVE-2012-3152; CVE-2012-3153)

An information disclosure vulnerability has been reported in the Oracle Reports component of Oracle Fusion Middleware. The vulnerability is due to incorrect website configuration that could allow a remote attacker to execute unauthenticated network attacks over HTTP...

Oracle Fusion Middleware Showmap Servlet Information Disclosure (CVE-2012-3152; CVE-2012-3153)

An information disclosure vulnerability has been reported in the Oracle Reports component of Oracle Fusion Middleware. The vulnerability is due to incorrect website configuration that could allow a remote attacker to execute unauthenticated network attacks over HTTP...

Oracle Forms and Reports Database Vulnerability

Oracle Forms and Reports Database Vulnerability SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...