Oracle Fusion Middleware vulnerabilities
310 known vulnerabilities affecting oracle/fusion_middleware.
Total CVEs
310
CISA KEV
3
actively exploited
Public exploits
28
Exploited in wild
3
Severity breakdown
CRITICAL7HIGH29MEDIUM207LOW67
Vulnerabilities
Page 3 of 16
CVE-2015-4877LOWCVSS 1.5PoCv8.5.0v8.5.1+1 more2015-10-21
CVE-2015-4877 [LOW] CVE-2015-4877: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878.
nvd
CVE-2015-4809LOWCVSS 1.5v8.5.0v8.5.1+1 more2015-10-21
CVE-2015-4809 [LOW] CVE-2015-4809: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDK, a different vulnerability than CVE-2015-4811.
nvd
CVE-2015-4811LOWCVSS 1.5v8.5.0v8.5.1+1 more2015-10-21
CVE-2015-4811 [LOW] CVE-2015-4811: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDKutside In PDF Export SDK, a different vulnerability than CVE-2015-4809.
nvd
CVE-2014-3576HIGHCVSS 7.5v8.1v9.0+2 more2015-08-14
CVE-2014-3576 [HIGH] CWE-264 CVE-2014-3576: The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
nvd
CVE-2015-2606HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-2606 [HIGH] CVE-2015-2606: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CV
nvd
CVE-2015-2593HIGHCVSS 7.1v11.1.2.22015-07-16
CVE-2015-2593 [HIGH] CVE-2015-2593: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Configuration Service.
nvd
CVE-2015-2605HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-2605 [HIGH] CVE-2015-2605: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2606, and CV
nvd
CVE-2015-2603HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-2603 [HIGH] CVE-2015-2603: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CV
nvd
CVE-2015-2604HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-2604 [HIGH] CVE-2015-2604: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2605, CVE-2015-2606, and CV
nvd
CVE-2015-2636HIGHCVSS 7.5v11.1.1.3.02015-07-16
CVE-2015-2636 [HIGH] CVE-2015-2636: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2
nvd
CVE-2015-2602HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-2602 [HIGH] CVE-2015-2602: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CV
nvd
CVE-2015-4745HIGHCVSS 7.5v2.2.2v2.3+3 more2015-07-16
CVE-2015-4745 [HIGH] CVE-2015-4745: Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CV
nvd
CVE-2015-4751MEDIUMCVSS 5.0v11.1.1.7.0v11.1.2.2.02015-07-16
CVE-2015-4751 [MEDIUM] CVE-2015-4751: Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
nvd
CVE-2015-4759MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-4759 [MEDIUM] CVE-2015-4759: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015
nvd
CVE-2015-2634MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-2634 [MEDIUM] CVE-2015-2634: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015
nvd
CVE-2015-2635MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-2635 [MEDIUM] CVE-2015-2635: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015
nvd
CVE-2015-0446MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-0446 [MEDIUM] CVE-2015-0446: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-2634, CVE-2015-2635, CVE-2015
nvd
CVE-2015-4758MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-4758 [MEDIUM] CVE-2015-4758: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015
nvd
CVE-2015-0445MEDIUMCVSS 6.8v11.1.1.3.02015-07-16
CVE-2015-0445 [MEDIUM] CVE-2015-0445: Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015
nvd
CVE-2015-2658MEDIUMCVSS 5.0v11.1.1.7.02015-07-16
CVE-2015-2658 [MEDIUM] CVE-2015-2658: Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 allows r
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Support.
nvd