Max CVSS 10.0 Min CVSS 1.2 Total Count312
IDCVSSSummaryLast (major) updatePublished
CVE-2017-3653 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3652 4.9
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3651 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileg
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3650 4.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3649 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3648 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3647 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3646 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3645 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3644 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3643 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3642 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3641 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3640 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3639 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3638 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3637 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple prot
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3636 4.6
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3635 3.5
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multip
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3634 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3633 5.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3632 10.0
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3562 5.5
Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: AD Utilities). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privilege
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-3529 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple p
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10258 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Add New Image). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker w
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10257 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Browse Folder Hierarchy). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10256 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10255 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10254 4.0
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with networ
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10253 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Pivot Grid). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with n
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10252 1.9
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Change Assistant). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10251 1.9
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Test Framework). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker w
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10250 1.9
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Tuxedo). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker with logo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10249 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10248 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10247 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: HTML Area). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10246 6.4
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: iHelp). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthentic
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10245 5.0
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerab
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10244 5.0
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unaut
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10243 6.4
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulne
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10242 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10241 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10240 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10239 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10238 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10237 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10236 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10235 3.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10234 4.4
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4. Easily exploitable vulnerability allows low privileged attacker with logon to the in
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10233 3.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10232 6.5
Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows low privileged attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10231 2.1
Vulnerability in the Oracle Hospitality Cruise AffairWhere component of Oracle Hospitality Applications (subcomponent: AWExport). The supported version that is affected is 2.2.05.062. Easily exploitable vulnerability allows low privileged attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10230 5.5
Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: SilverWhere). The supported version that is affected is 8.0.75. Easily exploitable vulnerability allows low privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10229 5.5
Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications (subcomponent: Event Viewer). The supported version that is affected is 7.30.562. Easily exploitable vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10228 5.5
Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Module). The supported version that is affected is 8.0.0.0. Easily exploitable vulnerability allows low pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10226 5.5
Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low pri
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10225 4.4
Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulnerability allows physical access to compromise Oracl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10224 5.5
Vulnerability in the Oracle Hospitality Inventory Management component of Oracle Hospitality Applications (subcomponent: Inventory and Count Cycle). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10223 5.5
Vulnerability in the Oracle Hospitality Materials Control component of Oracle Hospitality Applications (subcomponent: Purchasing). Supported versions that are affected are 8.31.4 and 8.32.0. Easily exploitable vulnerability allows low privileged atta
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10222 5.5
Vulnerability in the Oracle Hospitality Materials Control component of Oracle Hospitality Applications (subcomponent: Production Tool). Supported versions that are affected are 8.31.4 and 8.32.0. Easily exploitable vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10221 3.7
Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). The supported version that is affected is 5.5. Difficult to exploit vulnerability allows low privileged attacker with logon
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10220 2.1
Vulnerability in the Hospitality Property Interfaces component of Oracle Hospitality Applications (subcomponent: Parser). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10219 2.1
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10218 4.0
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10217 4.0
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0.0 and 4.2.1.0. Easily exploitable vulnerability allows low privileged attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10216 4.0
Vulnerability in the Hospitality Property Interfaces component of Oracle Hospitality Applications (subcomponent: Parser). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows low privileged attacker with network a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10215 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_DEFN_CATG). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10214 6.4
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Easily exploitable vulnerability
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10213 2.1
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10212 4.0
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows low privileged attacker with network access via
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10211 5.8
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access vi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10210 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10209 3.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10208 4.0
Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications (subcomponent: Other). The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via SM
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10207 5.0
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Utilities). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network acce
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10206 7.5
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network acc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10205 4.0
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). The supported version that is affected is 2.9. Easily exploitable vulnerability allows low privileged attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10204 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10202 6.5
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10201 2.1
Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications (subcomponent: Other). The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10200 3.6
Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications (subcomponent: Other). The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10199 5.8
Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Pages). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10198 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10196 6.4
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10195 4.3
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.8. Easily exploitable vulnerability allows unauthenticated attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10193 2.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthen
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10192 5.0
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthe
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10191 5.8
Vulnerability in the Oracle Web Analytics component of Oracle E-Business Suite (subcomponent: Common Libraries). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10189 2.1
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10188 2.1
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite 8/Android). The supported version that is affected is 1.01. Easily exploitable vulnerability allows low privileged attacker with logon to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10187 3.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10186 5.0
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User and Company Profile). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability all
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10185 5.8
Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows una
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10184 5.0
Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless/WAP). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows u
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10183 6.8
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Difficult to exploit vulnerabili
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10182 3.5
Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Export Functionality). Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vul
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10181 6.0
Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privilege
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10180 5.8
Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: CMRO). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10179 6.4
Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite (subcomponent: User Monitoring). Supported versions that are affected are AMP 12.1.0.4.0 and AMP 13.1.1.1.0. Easily exploitable vulnerab
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10178 5.8
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticat
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10177 5.5
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Flexfields). The supported version that is affected is 12.2.6. Easily exploitable vulnerability allows low privileged attacker with network acc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10176 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabil
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10175 4.0
Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Profiles). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows low privil
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10174 5.8
Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Service Request). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows una
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10173 5.0
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Website). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows u
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10172 5.8
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10171 5.8
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Home Page). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthen
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10170 5.8
Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless/WAP). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with net
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10169 2.1
Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Operation Security). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with logon to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10168 3.3
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite 8/Windows). The supported version that is affected is 1.1. Difficult to exploit vulnerability allows physical access to compromise Hospita
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10160 4.0
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulner
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10157 6.4
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthe
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10156 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthe
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10150 4.0
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low priv
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10149 4.9
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows high pri
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10148 5.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthentic
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10147 5.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthentic
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10146 7.5
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with netwo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10145 6.5
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10144 5.0
Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker wi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10143 5.8
Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthe
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10142 5.5
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Mobile Apps). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10141 6.4
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10137 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acce
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10136 5.0
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10135 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulner
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10134 4.9
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: eProcurement). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10133 4.0
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RestAPI). The supported version that is affected is 1.1. Easily exploitable vulnerability allows low privileged attacker with network acc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10132 4.0
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/iOS). The supported version that is affected is 1.05. Easily exploitable vulnerability allows low privileged attacker with network access
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10131 6.0
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulner
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10130 4.9
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Management). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows low p
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10129 4.6
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10128 5.8
Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10126 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: HTML Area). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10125 4.4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnera
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10123 4.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). The supported version that is affected is 12.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10122 1.2
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10121 5.8
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10120 1.9
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege wit
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10119 4.9
Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: OSB Web Console Design, Admin). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows low privileged attacker with ne
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10118 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10117 5.0
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10116 5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit v
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10115 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerab
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10114 5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10113 5.8
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10112 5.8
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows una
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10111 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10110 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10109 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitabl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10108 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitabl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10107 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10106 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with netwo
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10105 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via mu
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10104 6.5
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10103 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10102 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticat
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10101 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10100 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: HTML Area). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10098 5.5
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Eas
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10097 5.8
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10096 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10095 1.9
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10094 4.9
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network acc
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10093 5.0
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network ac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10092 5.8
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network ac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10091 4.0
Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily exploitable vulnerability allows low pr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10090 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10089 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10088 3.6
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows high privileged attacker with logon to t
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10087 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthent
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10086 6.8
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple prot
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10085 5.5
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Eas
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10084 4.0
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Report Generator). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. E
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10083 5.8
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Eas
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10082 5.8
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network ac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10081 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthentic
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10080 5.8
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network ac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10079 5.8
Vulnerability in the Oracle Hospitality Suites Management component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 3.7. Easily exploitable vulnerability allows unauthenticated attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10078 5.5
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols t
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10076 5.5
Vulnerability in the Oracle Hospitality Simphony First Edition Venue Management component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 3.9. Easily exploitable vulnerability allows low privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10075 5.8
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticate
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10074 5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthent
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10073 4.9
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Eas
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10072 5.5
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: All Modules). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10071 4.3
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: All Modules). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10070 5.8
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Maintenance Folders). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated atta
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10069 3.5
Vulnerability in the Oracle Payment Interface component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 6.1.1. Difficult to exploit vulnerability allows low privileged attacker with network access vi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10067 5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mu
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10064 5.8
Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Supported versions that are affected are 8.9.6 and 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10063 5.8
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows unauthentica
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10062 4.6
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Oracle Java Web Console). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infra
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10061 7.5
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10059 4.9
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10058 4.9
Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Administration). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitabl
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10057 4.9
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Discussion Forum). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10056 2.1
Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Property Management Systems). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10053 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10052 5.8
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: PCMServlet). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10049 5.8
Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM (subcomponent: Search). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10048 5.8
Vulnerability in the Oracle Enterprise Repository component of Oracle Fusion Middleware (subcomponent: Web Interface). Supported versions that are affected are 11.1.1.7.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10047 6.4
Vulnerability in the MICROS BellaVita component of Oracle Hospitality Applications (subcomponent: Interface). The supported version that is affected is 2.7.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10046 4.9
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerabilit
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10045 2.6
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows unauthenticated attac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10044 5.5
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10043 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with n
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10042 7.8
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: IKE). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via IKE to compr
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10041 4.9
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows low privileged attacker with n
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10040 5.8
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.1.0. Easily exploitable vulnerability allows unauthenticated attacker w
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10039 3.5
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Web Client). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10038 4.0
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability al
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10036 7.8
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NFSv4). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFSv4 to c
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10035 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network acce
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10032 5.5
Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Access Control List). Supported versions that are affected are 6.3.4.1, 6.3.5.1, 6.3.6.1, 6.3.7.1, 6.4.0, 6.4.1 and 6.4.2. Easily exp
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10031 6.4
Vulnerability in the Oracle Communications Convergence component of Oracle Communications Applications (subcomponent: Mail Proxy (dojo)). Supported versions that are affected are 3.0 and 3.0.1. Easily exploitable vulnerability allows unauthenticated
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10030 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10029 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10028 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10027 4.9
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Homepage & Navigation). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10025 6.4
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10024 5.8
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10023 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Operations). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10022 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Operations). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10021 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with n
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10020 1.9
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Change Assistant). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10019 4.3
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacke
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10018 4.0
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network ac
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10017 5.8
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Workcenter). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with n
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10016 7.6
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is AK 2013. Difficult to exploit vulnerability allows unauthenticated attack
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10015 4.7
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Application Designer). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged atta
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10013 7.6
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is AK 2013. Difficult to exploit vulnerability allows unauthenticated attack
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10012 5.5
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Operations). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10011 4.9
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10010 4.9
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: FileUploads). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10009 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10008 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10007 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10006 4.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10005 5.8
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows u
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10004 7.2
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10003 4.4
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Network Services Library). The supported version that is affected is 10. Difficult to exploit vulnerability allows low privileged attacker with logon to the in
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10002 5.5
Vulnerability in the Oracle Hospitality Inventory Management component of Oracle Hospitality Applications (subcomponent: Settings and Config). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privi
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10001 6.0
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 1.7.1. Easily exploitable vulnerability allows low privileged attacker with ne
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-10000 4.0
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged a
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-5638 10.0
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited i
09-05-2017 - 21:29 10-03-2017 - 21:59
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
09-05-2017 - 21:29 31-08-2016 - 20:59
CVE-2016-2108 10.0
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne
09-05-2017 - 21:29 04-05-2016 - 21:59
CVE-2016-2107 2.6
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against
09-05-2017 - 21:29 04-05-2016 - 21:59
CVE-2015-3197 4.3
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 tra
09-05-2017 - 21:29 14-02-2016 - 21:59
CVE-2015-3195 5.0
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob
08-05-2017 - 21:29 06-12-2015 - 15:59
CVE-2017-5689 10.0
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability featu
06-05-2017 - 21:29 02-05-2017 - 10:59
CVE-2017-3732 4.3
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be
05-05-2017 - 21:29 04-05-2017 - 15:29
CVE-2017-3731 5.0
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can
05-05-2017 - 21:29 04-05-2017 - 15:29
CVE-2016-7055 2.6
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA
05-05-2017 - 21:29 04-05-2017 - 16:29
CVE-2016-0635 9.0
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.
24-04-2017 - 21:59 21-07-2016 - 06:12
CVE-2017-5651 7.5
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to th
21-04-2017 - 11:04 17-04-2017 - 12:59
CVE-2017-5650 5.0
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application
21-04-2017 - 10:39 17-04-2017 - 12:59
CVE-2017-5647 5.0
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file pr
21-04-2017 - 09:59 17-04-2017 - 12:59
CVE-2014-3566 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
23-03-2017 - 21:59 14-10-2014 - 20:55
CVE-2016-5387 5.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-5385 5.1
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-2182 7.5
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified ot
07-03-2017 - 21:59 16-09-2016 - 01:59
CVE-2016-2109 7.8
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-2106 5.0
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-2105 5.0
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2015-8608 7.5
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
28-02-2017 - 13:55 07-02-2017 - 10:59
CVE-2016-2178 2.1
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
23-02-2017 - 14:43 19-06-2016 - 21:59
CVE-2016-2177 7.5
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveragi
23-02-2017 - 14:43 19-06-2016 - 21:59
CVE-2016-6302 5.0
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
23-02-2017 - 14:22 16-09-2016 - 01:59
CVE-2016-2181 5.0
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops
23-02-2017 - 14:12 16-09-2016 - 01:59
CVE-2016-2180 5.0
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application cra
23-02-2017 - 14:11 31-07-2016 - 22:59
CVE-2016-2179 5.0
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many
23-02-2017 - 14:10 16-09-2016 - 01:59
CVE-2016-6303 7.5
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vect
23-02-2017 - 12:40 16-09-2016 - 01:59
CVE-2016-5388 5.1
Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote atta
16-02-2017 - 21:59 18-07-2016 - 22:00
CVE-2015-5254 7.5
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
07-02-2017 - 21:59 08-01-2016 - 14:59
CVE-2016-7052 5.0
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6309 10.0
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6308 7.1
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6307 4.3
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6306 4.3
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6305 5.0
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6304 7.8
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2015-8607 7.5
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted st
31-01-2017 - 21:59 13-01-2016 - 10:59
CVE-2014-0224 6.8
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL
18-01-2017 - 21:59 05-06-2014 - 17:55
CVE-2015-0286 5.0
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2014-3571 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation fo
02-01-2017 - 21:59 08-01-2015 - 21:59
CVE-2015-1792 5.0
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL valu
30-12-2016 - 21:59 12-06-2015 - 15:59
CVE-2015-1791 6.8
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial
30-12-2016 - 21:59 12-06-2015 - 15:59
CVE-2015-1790 5.0
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)
30-12-2016 - 21:59 12-06-2015 - 15:59
CVE-2015-1789 4.3
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a cr
30-12-2016 - 21:59 12-06-2015 - 15:59
CVE-2015-1788 4.3
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial
30-12-2016 - 21:59 12-06-2015 - 15:59
CVE-2015-0254 7.5
Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.
21-12-2016 - 21:59 09-03-2015 - 10:59
CVE-2015-7940 5.0
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "
07-12-2016 - 13:25 09-11-2015 - 11:59
CVE-2015-3253 7.5
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
05-12-2016 - 21:59 13-08-2015 - 10:59
CVE-2016-2381 5.0
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
02-12-2016 - 22:25 08-04-2016 - 11:59
CVE-2016-1979 6.8
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly h
02-12-2016 - 22:24 13-03-2016 - 14:59
CVE-2016-1950 6.8
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via
02-12-2016 - 22:23 13-03-2016 - 14:59
CVE-2016-4465 5.0
The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.
28-11-2016 - 15:18 04-07-2016 - 18:59
CVE-2016-4433 5.0
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request.
28-11-2016 - 15:18 04-07-2016 - 18:59
CVE-2016-4431 5.0
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method.
28-11-2016 - 15:18 04-07-2016 - 18:59
CVE-2016-3092 7.8
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (
28-11-2016 - 15:06 04-07-2016 - 18:59
CVE-2016-2834 9.3
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
28-11-2016 - 15:05 13-06-2016 - 06:59
CVE-2016-1181 6.8
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart reques
28-11-2016 - 14:58 04-07-2016 - 18:59
CVE-2014-1912 7.5
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
28-11-2016 - 14:10 28-02-2014 - 19:55
CVE-2016-5019 7.5
CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string.
26-10-2016 - 22:00 03-10-2016 - 14:59
CVE-2016-4436 7.5
Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.
21-10-2016 - 10:35 03-10-2016 - 11:59
CVE-2016-4430 6.8
Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
06-10-2016 - 11:12 04-07-2016 - 18:59
CVE-2016-4438 7.5
The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression.
06-10-2016 - 11:07 04-07-2016 - 18:59
CVE-2016-5386 6.8
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi
28-09-2016 - 11:40 18-07-2016 - 22:00
CVE-2013-2027 4.6
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
29-08-2016 - 13:51 13-02-2015 - 10:59
CVE-2011-2730 7.5
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via
17-01-2015 - 21:59 05-12-2012 - 12:55
Back to Top Mark selected
Back to Top