VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,082 total · sorted by risk
  • CVE-2018-2672HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affected are 2.7, 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2018-2652HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2018-2651HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: XML Publisher). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2018-2617HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected is Prior to 2.11.33. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2018-2604HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2018-2589HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Server). Supported versions that are affected are 2.7, 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2018-2585HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple…

  • CVE-2017-17740HigDec 18, 2017
    risk 0.49cvss 7.5epss 0.07

    contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN…

  • CVE-2017-10267HigNov 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise…

  • CVE-2017-10388HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with…

  • CVE-2017-10373HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Health Center). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2017-10369HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.01

    Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Difficult to exploit vulnerability allows low privileged attacker with network access…

  • CVE-2017-10335HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Elastic Search). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2017-10332HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows…

  • CVE-2017-10328HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker…

  • CVE-2017-10310HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10260HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2017-10259HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10155HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.04

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2017-10037HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Service API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-10245HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2017-10232HigAug 8, 2017
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…

  • CVE-2017-10176HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.05

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2017-10144HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-10136HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10118HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2017-10115HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2017-10067HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to…

  • CVE-2017-10042HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: IKE). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via IKE to compromise Solaris. Successful…

  • CVE-2017-10036HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NFSv4). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFSv4 to compromise Solaris. Successful…

  • CVE-2017-10016HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is AK 2013. Difficult to exploit vulnerability allows unauthenticated attacker with network access via…

  • CVE-2017-10001HigAug 8, 2017
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 1.7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to…

  • CVE-2015-7701HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.07

    Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2015-7692HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.07

    The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

  • CVE-2015-7691HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.07

    The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for…

  • CVE-2015-7703HigJul 24, 2017
    risk 0.49cvss 7.5epss 0.04

    The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote…

  • CVE-2017-1000029HigJul 17, 2017
    risk 0.49cvss 7.5epss 0.08

    Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

  • CVE-2017-3621HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). The supported version that is affected is AK 2013. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via…

  • CVE-2017-3572HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component of Oracle Commerce (subcomponent: MDEX). Supported versions that are affected are 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1 and 6.5.2. Easily "exploitable" vulnerability allows…

  • CVE-2017-3555HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self Registration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker…

  • CVE-2017-3538HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.00

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the…

  • CVE-2017-3519HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3518HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker…

  • CVE-2017-3499HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Social Network component of Oracle Fusion Middleware (subcomponent: Android Client). The supported version that is affected is prior to 11.1.12.0.0 (17019101). Easily "exploitable" vulnerability allows unauthenticated attacker with network access via…

  • CVE-2017-3450HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.04

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple…

  • CVE-2017-3329HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.04

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with…

  • CVE-2017-3233HigApr 24, 2017
    risk 0.49cvss 7.5epss 0.01

    Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2016-4483HigApr 11, 2017
    risk 0.49cvss 7.5epss 0.06

    The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate…

  • CVE-2017-3302HigFeb 12, 2017
    risk 0.49cvss 7.5epss 0.05

    Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

  • CVE-2017-3330HigJan 27, 2017
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). The supported version that is affected is 16.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework.…

Page 17 of 202