Enterprise Manager Ops Center

enterprise_manager_ops_center

Vendor: Oracle • 107 CVEs

CVEs (107)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-8109 4Apache CanonicalFedoraproject+1 more 4Enterprise Manager Ops Center FedoraHttp Server+1 more May 6, 2026 Dec 29, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within differ...Show more mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.Show less
CVE-2014-3581 4Apache CanonicalOracle+1 more 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 6, 2026 Oct 10, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and applic...Show more The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.Show less
CVE-2014-0226 4Apache DebianOracle+1 more 6Debian Linux Enterprise Manager Ops CenterHttp Server+3 more May 6, 2026 Jul 20, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or ex...Show more Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.Show less
CVE-2013-5704 5Apache AppleCanonical+2 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more May 6, 2026 Apr 15, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the...Show more The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."Show less
CVE-2014-1491 7Canonical DebianFedoraproject+4 more 13Debian Linux Enterprise Manager Ops CenterFedora+10 more Apr 29, 2026 Feb 6, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict...Show more Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.Show less
CVE-2014-1490 7Canonical DebianFedoraproject+4 more 13Debian Linux Enterprise Manager Ops CenterFedora+10 more Apr 29, 2026 Feb 6, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products,...Show more Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.Show less
CVE-2013-1620 4Canonical MozillaOracle+1 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more Apr 29, 2026 Feb 8, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows...Show more The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.Show less

Previous 1 2 3 4 56