Product:

Application_server

(Oracle)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 187
Date ID Summary Products Score Patch
2007-10-17 CVE-2007-5531 Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. Application_server, Database_server, Enterprise_manager N/A
2018-11-15 CVE-2018-5407 Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. Ubuntu_linux, Debian_linux, Node\.js, Openssl, Api_gateway, Application_server, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Mysql_enterprise_backup, Peoplesoft_enterprise_peopletools, Primavera_p6_enterprise_project_portfolio_management, Tuxedo, Vm_virtualbox, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Nessus 4.7
2018-10-29 CVE-2018-0735 The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Ubuntu_linux, Debian_linux, Cloud_backup, Cn1610_firmware, Element_software, Oncommand_unified_manager, Santricity_smi\-S_provider, Smi\-S_provider, Snapdrive, Steelstore, Node\.js, Openssl, Api_gateway, Application_server, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Mysql, Peoplesoft_enterprise_peopletools, Primavera_p6_enterprise_project_portfolio_management, Secure_global_desktop, Tuxedo, Vm_virtualbox 5.9
2010-01-13 CVE-2010-0070 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors. Application_server N/A
2010-01-13 CVE-2010-0067 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors. Application_server N/A
2010-01-13 CVE-2010-0066 Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. Application_server N/A
2010-01-13 CVE-2009-3412 Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors. Application_server, Database_server N/A
2009-10-22 CVE-2009-3407 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983. Application_server N/A
2009-10-22 CVE-2009-1999 Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors. Application_server N/A
2009-10-22 CVE-2009-1990 Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors. Application_server N/A