cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-21890,https://securityvulnerability.io/vulnerability/CVE-2023-21890,Critical Network Vulnerability in Oracle Communications Converged Application Server,"A serious vulnerability exists in the Oracle Communications Converged Application Server, where an unauthenticated attacker can exploit the server via UDP network access. This flaw affects versions 7.1.0 and 8.0.0, allowing attackers to potentially take control of the system. If successfully exploited, the vulnerability can significantly compromise the confidentiality, integrity, and availability of the server, posing a major risk to organizations utilizing Oracle's communication products.",Oracle,Communications Converged Application Server,9.8,CRITICAL,0.003860000055283308,false,false,false,false,,false,false,2023-01-18T00:15:00.000Z,0
CVE-2015-2808,https://securityvulnerability.io/vulnerability/CVE-2015-2808,,"The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the ""Bar Mitzvah"" issue.",Oracle,"Http Server,Integrated Lights Out Manager Firmware,Communications Application Session Controller,Communications Policy Management",,,0.004379999823868275,false,false,false,false,,false,false,2015-04-01T00:00:00.000Z,0
CVE-2013-2566,https://securityvulnerability.io/vulnerability/CVE-2013-2566,,"The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.",Oracle,"Http Server,Integrated Lights Out Manager Firmware,Communications Application Session Controller",5.9,MEDIUM,0.007939999923110008,false,false,false,false,,false,false,2013-03-15T21:55:00.000Z,0
CVE-2012-3155,https://securityvulnerability.io/vulnerability/CVE-2012-3155,,"Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.",Oracle,"Java System Application Server,Glassfish Server",,,0.0061599998734891415,false,false,false,false,,false,false,2012-10-16T23:55:00.000Z,0
CVE-2011-3559,https://securityvulnerability.io/vulnerability/CVE-2011-3559,,"Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container.",Oracle,"Java System Application Server,Communications Server,Glassfish Server",,,0.013399999588727951,false,false,false,false,,false,false,2011-10-18T22:00:00.000Z,0
CVE-2011-0807,https://securityvulnerability.io/vulnerability/CVE-2011-0807,,"Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.",Oracle,"Glassfish Server,Java System Application Server",,,0.9595199823379517,false,false,false,false,,false,false,2011-04-20T03:09:00.000Z,0
CVE-2010-2397,https://securityvulnerability.io/vulnerability/CVE-2010-2397,,"Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.",Oracle,Java System Application Server,,,0.0006000000284984708,false,false,false,false,,false,false,2010-07-13T22:07:00.000Z,0
CVE-2010-0386,https://securityvulnerability.io/vulnerability/CVE-2010-0386,,"The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a related issue to CVE-2004-2763 and CVE-2005-3398.",Oracle,Java System Application Server,,,0.004840000066906214,false,false,false,false,,false,false,2010-01-25T19:30:00.000Z,0
CVE-2010-0066,https://securityvulnerability.io/vulnerability/CVE-2010-0066,,Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.,Oracle,Application Server,,,0.0028899998869746923,false,false,false,false,,false,false,2010-01-13T01:00:00.000Z,0
CVE-2009-3412,https://securityvulnerability.io/vulnerability/CVE-2009-3412,,"Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.",Oracle,Application Server,,,0.020549999549984932,false,false,false,false,,false,false,2010-01-13T01:00:00.000Z,0
CVE-2010-0070,https://securityvulnerability.io/vulnerability/CVE-2010-0070,,Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors.,Oracle,Application Server,,,0.0027000000700354576,false,false,false,false,,false,false,2010-01-13T01:00:00.000Z,0
CVE-2010-0067,https://securityvulnerability.io/vulnerability/CVE-2010-0067,,Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors.,Oracle,Application Server,,,0.003019999945536256,false,false,false,false,,false,false,2010-01-13T01:00:00.000Z,0
CVE-2009-1990,https://securityvulnerability.io/vulnerability/CVE-2009-1990,,Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.,Oracle,Application Server,,,0.0006399999838322401,false,false,false,false,,false,false,2009-10-22T18:00:00.000Z,0
CVE-2009-1999,https://securityvulnerability.io/vulnerability/CVE-2009-1999,,Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors.,Oracle,Application Server,,,0.004860000219196081,false,false,false,false,,false,false,2009-10-22T18:00:00.000Z,0
CVE-2009-3407,https://securityvulnerability.io/vulnerability/CVE-2009-3407,,"Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983.",Oracle,Application Server,,,0.00622999994084239,false,false,false,false,,false,false,2009-10-22T18:00:00.000Z,0
CVE-2008-7237,https://securityvulnerability.io/vulnerability/CVE-2008-7237,,"Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06.",Oracle,Application Server,,,0.005160000175237656,false,false,false,false,,false,false,2009-09-14T14:00:00.000Z,0
CVE-2008-7236,https://securityvulnerability.io/vulnerability/CVE-2008-7236,,"Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05.",Oracle,Application Server,,,0.004230000078678131,false,false,false,false,,false,false,2009-09-14T14:00:00.000Z,0
CVE-2008-7234,https://securityvulnerability.io/vulnerability/CVE-2008-7234,,"Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.",Oracle,Application Server,,,0.00343000004068017,false,false,false,false,,false,false,2009-09-14T14:00:00.000Z,0
CVE-2008-7235,https://securityvulnerability.io/vulnerability/CVE-2008-7235,,"Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04.",Oracle,"Application Server,E-business Suite",,,0.008249999955296516,false,false,false,false,,false,false,2009-09-14T14:00:00.000Z,0
CVE-2008-7233,https://securityvulnerability.io/vulnerability/CVE-2008-7233,,"Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02.",Oracle,"E-business Suite 11i,Application Server",,,0.018869999796152115,false,false,false,false,,false,false,2009-09-14T14:00:00.000Z,0
CVE-2009-1976,https://securityvulnerability.io/vulnerability/CVE-2009-1976,,Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.,Oracle,Application Server,,,0.004569999873638153,false,false,false,false,,false,false,2009-07-14T23:30:00.000Z,0
CVE-2009-1009,https://securityvulnerability.io/vulnerability/CVE-2009-1009,,"Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.",Oracle,Application Server,,,0.000539999979082495,false,false,false,false,,false,false,2009-04-15T10:00:00.000Z,0
CVE-2009-0996,https://securityvulnerability.io/vulnerability/CVE-2009-0996,,"Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors.",Oracle,Application Server,,,0.0038300000596791506,false,false,false,false,,false,false,2009-04-15T10:00:00.000Z,0
CVE-2009-0994,https://securityvulnerability.io/vulnerability/CVE-2009-0994,,"Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017.",Oracle,Application Server,,,0.0017399999778717756,false,false,false,false,,false,false,2009-04-15T10:00:00.000Z,0
CVE-2009-0989,https://securityvulnerability.io/vulnerability/CVE-2009-0989,,"Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990.",Oracle,Application Server,,,0.0017399999778717756,false,false,false,false,,false,false,2009-04-15T10:00:00.000Z,0