Skip to main content
CVE-2016-3427 CRITICAL KEV PATCH THREAT Act Now

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 94.0%.

Java Oracle Authentication Bypass
NVD VulDB
CVSS 3.1
9.8
EPSS
94.0%
Threat
6.3
CVE-2016-2004 CRITICAL POC THREAT Emergency

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 92.7%.

RCE Authentication Bypass Data Protector
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
92.7%
Threat
6.2
CVE-2016-0638 CRITICAL PATCH Act Now

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 70.9%.

Information Disclosure Java Oracle Weblogic Server
NVD
CVSS 3.0
9.8
EPSS
70.9%
Threat
4.1
CVE-2016-2007 CRITICAL Emergency

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Data Protector
NVD
CVSS 3.0
9.8
EPSS
47.2%
CVE-2016-2006 CRITICAL Emergency

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Data Protector
NVD
CVSS 3.0
9.8
EPSS
47.2%
CVE-2016-2005 CRITICAL Emergency

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Data Protector
NVD
CVSS 3.0
9.8
EPSS
47.2%
CVE-2016-0639 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 15.3%.

Information Disclosure Oracle Enterprise Linux MySQL
NVD
CVSS 3.0
9.8
EPSS
15.3%
CVE-2016-2008 CRITICAL Act Now

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.2% and no vendor patch available.

RCE Data Protector
NVD
CVSS 3.0
9.8
EPSS
13.2%
CVE-2016-1363 CRITICAL Act Now

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.6% and no vendor patch available.

Cisco RCE Buffer Overflow Wireless Lan Controller Software
NVD
CVSS 3.1
9.8
EPSS
11.6%
CVE-2016-0687 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 3.0
9.6
EPSS
5.2%
CVE-2016-0686 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 3.0
9.6
EPSS
5.2%
CVE-2016-0693 CRITICAL Act Now

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-3443 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Java Oracle Jdk Jre
NVD
CVSS 3.0
9.6
EPSS
3.0%
CVE-2016-3454 CRITICAL Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle Database
NVD
CVSS 3.0
9.0
EPSS
1.2%
CVE-2016-0699 CRITICAL Act Now

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Flexcube Direct Banking
NVD
CVSS 3.0
9.1
EPSS
0.7%
CVE-2016-3466 CRITICAL Act Now

Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Field Service
NVD
CVSS 3.0
9.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy