Skip to main content
CVE-2015-2572 MEDIUM POC PATCH This Month

Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Oracle Information Disclosure Microsoft Hyperion Smart View For Office
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
0.5%
CVE-2015-0480 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.8
EPSS
7.5%
CVE-2015-0484 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +3
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-1821 MEDIUM PATCH This Month

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow Chrony Debian Linux
NVD
CVSS 2.0
6.5
EPSS
2.6%
CVE-2015-1822 MEDIUM PATCH This Month

chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Debian Linux Chrony
NVD
CVSS 2.0
6.5
EPSS
2.1%
CVE-2015-0455 MEDIUM This Month

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2015-0488 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
5.0
EPSS
8.7%
CVE-2015-2570 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
6.5
EPSS
0.9%
CVE-2015-0482 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
6.0
EPSS
0.4%
CVE-2015-0501 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Junos Space MySQL Debian Linux +11
NVD
CVSS 2.0
5.7
EPSS
1.7%
CVE-2015-2568 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security :. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Solaris Communications Policy Management MySQL +12
NVD
CVSS 2.0
5.0
EPSS
4.0%
CVE-2015-0476 MEDIUM This Month

Unspecified vulnerability in the SQL Trace Analyzer component in Oracle Support Tools before 12.1.11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Sql Trace Analyzer
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2015-2575 MEDIUM PATCH This Month

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Debian Linux Linux Enterprise Desktop Linux Enterprise Server +2
NVD
CVSS 2.0
4.9
EPSS
1.8%
CVE-2015-3323 MEDIUM This Month

The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Thinkserver System Manager Baseboard Management Controller Firmware
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-0478 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
4.3
EPSS
4.1%
CVE-2015-0449 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-3319 MEDIUM This Month

Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hotex Billing Manager
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0486 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +1
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0464 MEDIUM This Month

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0440 MEDIUM This Month

Unspecified vulnerability in the Oracle Knowledge component in Oracle Right Now Service Cloud 8.2.3.10.1 and 8.4.7.2 allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Right Now Service Cloud
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0477 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
3.8%
CVE-2015-3322 MEDIUM PATCH This Month

Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Lenovo Thinkserver Rd650 Firmware Thinkserver Rd650 Thinkserver Td350 Firmware +7
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0490 MEDIUM This Month

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2015-0470 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
1.7%
CVE-2015-0471 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libelfsign. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2015-2565 MEDIUM This Month

Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0466 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 12.0, 12.0IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Microsoft Retail Applications
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0447 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-0502 MEDIUM This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0473 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control MOS 12.1.0.5 and 12.1.0.6 allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0456 MEDIUM This Month

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0452 MEDIUM This Month

Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.1 and 3.2 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Vm Server
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0510 MEDIUM This Month

Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Commerce Platform
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0509 MEDIUM This Month

Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Reporting and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Hyperion
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0497 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise Portal Interaction Hub component in Oracle PeopleSoft Products 9.1.00 allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0494 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Retail Applications 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Microsoft Retail Applications
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0450 MEDIUM This Month

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to WebCenter Spaces. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3324 MEDIUM PATCH This Month

The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Thinkserver System Manager Baseboard Management Controller Firmware
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2015-0500 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Communications Policy Management Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +2
NVD
CVSS 2.0
4.0
EPSS
1.0%
CVE-2015-0439 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop Suse Linux Enterprise Server +1
NVD
CVSS 2.0
4.0
EPSS
0.9%
CVE-2015-0423 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Communications Policy Management Suse Linux Enterprise Software Development Kit +2
NVD
CVSS 2.0
4.0
EPSS
0.9%
CVE-2015-0438 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +1
NVD
CVSS 2.0
4.0
EPSS
0.8%
CVE-2015-0405 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +1
NVD
CVSS 2.0
4.0
EPSS
0.8%
CVE-2015-0479 MEDIUM This Month

Unspecified vulnerability in the XDK and XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect availability via unknown. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-0508 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-0503 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-0433 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Communications Policy Management MySQL Solaris +12
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-2573 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris MySQL MariaDB +11
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2015-0441 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Debian Linux Ubuntu Linux +10
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2015-0475 MEDIUM This Month

Unspecified vulnerability in the JD Edwards EnterpriseOne Technology component in Oracle JD Edwards Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Jd Edwards Products
NVD
CVSS 2.0
4.0
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy