Skip to main content
CVE-2015-4870 MEDIUM POC PATCH THREAT This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 22.1%.

Information Disclosure Oracle Linux Solaris Leap +12
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
22.1%
CVE-2015-7823 MEDIUM POC THREAT This Month

Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.7%.

Open Redirect Kentico Cms
NVD
CVSS 2.0
5.8
EPSS
12.7%
CVE-2015-7822 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kentico Cms
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-4851 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service XXE Oracle E Business Suite
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-4849 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service XXE Oracle E Business Suite
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-4806 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
6.4
EPSS
2.8%
CVE-2015-4810 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2015-4837 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security. Rated medium severity (CVSS 6.6). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2015-4888 MEDIUM PATCH This Month

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2015-4900 MEDIUM This Month

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2015-4886 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service XXE Oracle E Business Suite
NVD
CVSS 2.0
6.4
EPSS
0.6%
CVE-2015-4827 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Retail Applications
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2015-4893 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
5.0
EPSS
6.6%
CVE-2015-4882 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
6.6%
CVE-2015-4803 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
5.0
EPSS
6.6%
CVE-2015-4871 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.8
EPSS
2.4%
CVE-2015-4820 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
6.2
EPSS
0.2%
CVE-2015-4817 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
6.2
EPSS
0.2%
CVE-2015-4887 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
6.0
EPSS
0.4%
CVE-2015-4859 MEDIUM PATCH This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote attackers to affect confidentiality and. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
5.8
EPSS
0.4%
CVE-2015-4872 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
5.0
EPSS
3.6%
CVE-2015-4842 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
3.1%
CVE-2015-4840 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
3.1%
CVE-2015-4734 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
3.1%
CVE-2015-4857 MEDIUM PATCH This Month

Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2015-4850 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2015-4818 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 allows remote authenticated users to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2015-4896 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Vm Virtualbox Debian Linux
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2015-4875 MEDIUM PATCH This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote attackers to affect availability via unknown. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2015-1829 MEDIUM This Month

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2015-4884 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-4848 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-4894 MEDIUM PATCH This Month

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server 10.3.0.3, 11.3.0.2, and 12.1.0.0 allows remote authenticated users to affect integrity and availability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Database Mobile Lite Server
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2015-4869 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2015-4856 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.30, 4.1.38, 4.2.30, 4.3.26, and 5.0.0 allows local users to affect availability via. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2015-4831 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4822. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-4816 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Solaris +10
NVD
CVSS 2.0
4.0
EPSS
4.0%
CVE-2015-4891 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.6
EPSS
0.3%
CVE-2015-4879 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux Solaris MySQL +10
NVD
CVSS 2.0
4.6
EPSS
0.3%
CVE-2015-2642 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2015-4841 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM IP2014 and IP2015 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2015-4854 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2015-4845 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-4880 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-4867 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-4899 MEDIUM This Month

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-4793 MEDIUM This Month

Unspecified vulnerability in the Oracle Communications Convergence component in Oracle Communications Applications 2.0 and 3.0.1 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Communications Applications
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-4847 MEDIUM This Month

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-4832 MEDIUM This Month

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.2, and 11.1.2.3 allows remote attackers to affect integrity via vectors related to OIM. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-4799 MEDIUM This Month

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy