JDK: XML4J xml entity expansion excessive memory use (XML)

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service memory consumption via a crafted XML document that triggers expansion for many entities...

Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.1.2 update

An update for Red Hat JBoss Operations Network 3.1.2 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which...

CVE-2013-5813

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Server...

CVE-2013-5815

Unspecified vulnerability in the Oracle Identity Analytics component in Oracle Fusion Middleware Oracle Identity Analytics 11.1.1.5 and Sun Role Manager 4.1 and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security...

CVE-2013-5798

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Identity Analytics component in Oracle Fusion Middleware Oracle Identity Analytics 11.1.1.5 and Sun Role Manager 4.1 and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service...

Design/Logic Flaw

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Server...

Buffer overflow

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to Metro...

CVE-2013-5813

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Server...

CVE-2013-5798

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service...

CVE-2013-5816

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to Metro...

CVE-2013-5815

CVE-2013-5815 affects the Oracle Identity Analytics component in Oracle Fusion Middleware Oracle Identity Analytics 11.1.1.5 and Sun Role Manager 4.1 and 5.0. The vulnerability is described as unspecified with impact on confidentiality, integrity, and availability and is exploitable via unknown v...

CVE-2013-5813

Technical details about CVE-2013-5813 are not publicly available in the supplied documents. No specific affected versions, vulnerability vector, impact, or patch information is provided here. Monitor for Oracle CPU advisories and vendor notices for updates.

CVE-2013-5798

CVE-2013-5798 affects Oracle Fusion Middleware’s Oracle Identity Manager (versions 11.1.2.0.0 and 11.1.2.1.0). The vulnerability relates to End User Self Service and allows remote modification of integrity via unknown vectors; exploitation details are not provided in the available documents. Orac...

CVE-2013-5816

Removed by vendor...

CVE-2013-5773

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5.0 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime...

CVE-2013-5791

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has...

CVE-2013-3828

Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.0 and 11.1.1.6.0 allows remote attackers to affect confidentiality via unknown vectors related to Test Page...

CVE-2013-3836

Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching...