Vendor CVEs
Oracle Corporation
All CVEs
10,031 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-10006 | Med | 0.42 | 6.5 | 0.02 | Aug 8, 2017 | Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with… | ||
| CVE-2015-5219 | Hig | 0.42 | 7.5 | 0.06 | Jul 21, 2017 | The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | ||
| CVE-2017-9735 | Hig | 0.42 | 7.5 | 0.06 | Jun 16, 2017 | Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords. | ||
| CVE-2017-3592 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the Oracle Payables component of Oracle E-Business Suite (subcomponent: Self Service Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows high privileged attacker… | ||
| CVE-2017-3586 | Med | 0.42 | 6.4 | 0.02 | Apr 24, 2017 | Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise… | ||
| CVE-2017-3577 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to… | ||
| CVE-2017-3571 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise SCM eBill Payment component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to… | ||
| CVE-2017-3570 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: eSettlements). The supported version that is affected is 9.1. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise… | ||
| CVE-2017-3568 | Med | 0.42 | 6.5 | 0.00 | Apr 24, 2017 | Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing and Login). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Difficult to exploit… | ||
| CVE-2017-3534 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low… | ||
| CVE-2017-3525 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products (subcomponent: Usability). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to… | ||
| CVE-2017-3524 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing component of Oracle PeopleSoft Products (subcomponent: Bidder Registration). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access… | ||
| CVE-2017-3522 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection component of Oracle PeopleSoft Products (subcomponent: Vendor). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to… | ||
| CVE-2017-3521 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of Oracle PeopleSoft Products (subcomponent: Supplier Registration). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP… | ||
| CVE-2017-3520 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to… | ||
| CVE-2017-3517 | Med | 0.42 | 6.5 | 0.01 | Apr 24, 2017 | Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to… | ||
| CVE-2017-3491 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.1 and 12.1.0. Easily "exploitable" vulnerability allows low… | ||
| CVE-2017-3488 | Med | 0.42 | 6.5 | 0.01 | Apr 24, 2017 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows… | ||
| CVE-2017-3453 | Med | 0.42 | 6.5 | 0.03 | Apr 24, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network… | ||
| CVE-2017-3452 | Med | 0.42 | 6.5 | 0.02 | Apr 24, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise… | ||
| CVE-2017-3273 | Med | 0.42 | 6.5 | 0.03 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols… | ||
| CVE-2017-3258 | Med | 0.42 | 6.5 | 0.03 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access… | ||
| CVE-2017-3257 | Med | 0.42 | 6.5 | 0.03 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols… | ||
| CVE-2017-3256 | Med | 0.42 | 6.5 | 0.02 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise… | ||
| CVE-2016-8311 | Med | 0.42 | 6.5 | 0.02 | Jan 27, 2017 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low… | ||
| CVE-2016-5548 | Med | 0.42 | 6.5 | 0.03 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network… | ||
| CVE-2016-5627 | Med | 0.42 | 6.5 | 0.03 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. | ||
| CVE-2016-5585 | Med | 0.42 | 6.5 | 0.02 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. | ||
| CVE-2016-5572 | Med | 0.42 | 6.4 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2016-5571 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5567. | ||
| CVE-2016-5570 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities. | ||
| CVE-2016-5567 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5571. | ||
| CVE-2016-5534 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the Siebel Apps - Customer Order Management component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality via unknown vectors. | ||
| CVE-2016-5521 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5512. | ||
| CVE-2016-5497 | Med | 0.42 | 6.4 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2016-5404 | Med | 0.42 | 6.5 | 0.03 | Sep 7, 2016 | The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. | ||
| CVE-2016-5461 | Med | 0.42 | 6.5 | 0.02 | Jul 21, 2016 | Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Object Manager. | ||
| CVE-2016-5458 | Med | 0.42 | 6.4 | 0.01 | Jul 21, 2016 | Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL. | ||
| CVE-2016-5454 | Med | 0.42 | 6.4 | 0.00 | Jul 21, 2016 | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot. | ||
| CVE-2016-5448 | Med | 0.42 | 6.5 | 0.03 | Jul 21, 2016 | Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP. | ||
| CVE-2016-3572 | Med | 0.42 | 6.4 | 0.01 | Jul 21, 2016 | Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Access. | ||
| CVE-2016-3537 | Med | 0.42 | 6.5 | 0.03 | Jul 21, 2016 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Folders / Attachment, a different vulnerability than CVE-2016-5473. | ||
| CVE-2016-3514 | Med | 0.42 | 6.5 | 0.03 | Jul 21, 2016 | Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3516. | ||
| CVE-2016-3513 | Med | 0.42 | 6.5 | 0.03 | Jul 21, 2016 | Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure. | ||
| CVE-2016-3502 | Med | 0.42 | 6.5 | 0.01 | Jul 21, 2016 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8 and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2016-3494 | Med | 0.42 | 6.5 | 0.02 | Jul 21, 2016 | Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning. | ||
| CVE-2016-3476 | Med | 0.42 | 6.5 | 0.02 | Jul 21, 2016 | Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console. | ||
| CVE-2016-2117 | Hig | 0.42 | 7.5 | 0.06 | May 2, 2016 | The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. | ||
| CVE-2016-3431 | Med | 0.42 | 6.4 | 0.01 | Apr 21, 2016 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security, a different vulnerability than… | ||
| CVE-2016-3420 | Med | 0.42 | 6.4 | 0.01 | Apr 21, 2016 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security, a different vulnerability than… |
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with…
- risk 0.42cvss 7.5epss 0.06
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
- risk 0.42cvss 7.5epss 0.06
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle Payables component of Oracle E-Business Suite (subcomponent: Self Service Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows high privileged attacker…
- risk 0.42cvss 6.4epss 0.02
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise SCM eBill Payment component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: eSettlements). The supported version that is affected is 9.1. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise…
- risk 0.42cvss 6.5epss 0.00
Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing and Login). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Difficult to exploit…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products (subcomponent: Usability). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing component of Oracle PeopleSoft Products (subcomponent: Bidder Registration). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection component of Oracle PeopleSoft Products (subcomponent: Vendor). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of Oracle PeopleSoft Products (subcomponent: Supplier Registration). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.01
Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Limits and Collateral). Supported versions that are affected are 12.0.1 and 12.1.0. Easily "exploitable" vulnerability allows low…
- risk 0.42cvss 6.5epss 0.01
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows…
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise…
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols…
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access…
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise…
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low…
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network…
- risk 0.42cvss 6.5epss 0.03
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.
- risk 0.42cvss 6.5epss 0.02
Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
- risk 0.42cvss 6.4epss 0.00
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5567.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5571.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Siebel Apps - Customer Order Management component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality via unknown vectors.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5512.
- risk 0.42cvss 6.4epss 0.00
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.42cvss 6.5epss 0.03
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
- risk 0.42cvss 6.5epss 0.02
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Object Manager.
- risk 0.42cvss 6.4epss 0.01
Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL.
- risk 0.42cvss 6.4epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.
- risk 0.42cvss 6.5epss 0.03
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP.
- risk 0.42cvss 6.4epss 0.01
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Access.
- risk 0.42cvss 6.5epss 0.03
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Folders / Attachment, a different vulnerability than CVE-2016-5473.
- risk 0.42cvss 6.5epss 0.03
Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3516.
- risk 0.42cvss 6.5epss 0.03
Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure.
- risk 0.42cvss 6.5epss 0.01
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8 and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.42cvss 6.5epss 0.02
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning.
- risk 0.42cvss 6.5epss 0.02
Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console.
- risk 0.42cvss 7.5epss 0.06
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
- risk 0.42cvss 6.4epss 0.01
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security, a different vulnerability than…
- risk 0.42cvss 6.4epss 0.01
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security, a different vulnerability than…
Page 54 of 201