VYPR

CVEs

101,975 total · page 1577 of 2,040

  • CVE-2019-15262HigOct 16, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is…

  • CVE-2019-15261HigOct 16, 2019
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN packet processing functionality in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The…

  • CVE-2019-15252HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15251HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15250HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15249HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15248HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15247HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15246HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15245HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15244HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15243HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15242HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15241HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15240HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-12636HigOct 16, 2019
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF…

  • CVE-2019-3028HigOct 16, 2019
    risk 0.57cvss 8.8epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2019-3017HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2019-3010HigKEVOct 16, 2019
    risk 0.73cvss 8.8epss 0.13

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise…

  • CVE-2019-3000HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2019-2995HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2019-2994HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2990HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Order Tracker). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2986HigOct 16, 2019
    risk 0.50cvss 7.7epss 0.01

    Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to…

  • CVE-2019-2972HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2971HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2970HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2965HigOct 16, 2019
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Siebel Core - DB Deployment and Configuration product of Oracle Siebel CRM (component: Install - Configuration). Supported versions that are affected are 19.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2019-2953HigOct 16, 2019
    risk 0.46cvss 7.1epss 0.01

    Vulnerability in the Oracle Hospitality Cruise Dining Room Management product of Oracle Hospitality Applications (component: Web Service). The supported version that is affected is 8.0.80. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2019-2947HigOct 16, 2019
    risk 0.46cvss 7.1epss 0.01

    Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Inventory Integration privilege with…

  • CVE-2019-2944HigOct 16, 2019
    risk 0.47cvss 7.3epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2019-2942HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2019-2937HigOct 16, 2019
    risk 0.53cvss 8.1epss 0.02

    Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with…

  • CVE-2019-2934HigOct 16, 2019
    risk 0.53cvss 8.1epss 0.01

    Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with…

  • CVE-2019-2932HigOct 16, 2019
    risk 0.50cvss 7.7epss 0.01

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Tree Manager). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise…

  • CVE-2019-2907HigOct 16, 2019
    risk 0.47cvss 7.2epss 0.01

    Vulnerability in the Oracle Web Services product of Oracle Fusion Middleware (component: SOAP with Attachments API for Java). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2019-2906HigOct 16, 2019
    risk 0.53cvss 8.2epss 0.02

    Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2019-2905HigOct 16, 2019
    risk 0.56cvss 8.6epss 0.02

    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2019-2903HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2902HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2901HigOct 16, 2019
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2019-2900HigOct 16, 2019
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2019-2895HigOct 16, 2019
    risk 0.49cvss 7.5epss 0.01

    Vulnerability in the Enterprise Manager for Exadata product of Oracle Enterprise Manager (component: Exadata Plug-In Deploy and Ins). Supported versions that are affected are 12.1.0.5.0, 13.2.2.0.0, 13.3.1.0.0 and 13.3.2.0.0. Difficult to exploit vulnerability allows low…

  • CVE-2019-2891HigOct 16, 2019
    risk 0.53cvss 8.1epss 0.02

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2019-2890HigOct 16, 2019
    risk 0.50cvss 7.2epss 0.38

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3…

  • CVE-2019-15893HigOct 16, 2019
    risk 0.47cvss 7.2epss 0.02

    Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Code Execution.

  • CVE-2019-10453HigOct 16, 2019
    risk 0.51cvss 7.8epss 0.00

    Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-10449HigOct 16, 2019
    risk 0.50cvss 8.8epss 0.01

    Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10448HigOct 16, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10446HigOct 16, 2019
    risk 0.46cvss 8.2epss 0.01

    Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.