Skip to main content
CVE-2016-3447 MEDIUM This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Applications Framework
NVD
CVSS 3.0
6.9
EPSS
0.2%
CVE-2016-0678 MEDIUM This Month

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2016-0684 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail MICROS ARS POS component in Oracle Retail Applications 1.5 allows remote authenticated users to affect confidentiality via vectors related to POS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Micros Arspos
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-0407 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2013-7449 MEDIUM This Month

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Xchat Xchat Gnome Hexchat
NVD GitHub
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-0695 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +10
NVD
CVSS 3.0
5.9
EPSS
2.9%
CVE-2016-3431 MEDIUM This Month

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Agile Product Lifecycle Management
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-3420 MEDIUM This Month

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Agile Product Lifecycle Management
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-0640 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL Linux Leap +4
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-3416 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality and integrity via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0700 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0675 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-3463 MEDIUM This Month

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Flexcube Direct Banking
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0672 MEDIUM This Month

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Flexcube Direct Banking
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0479 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-3425 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +1
NVD
CVSS 3.0
4.3
EPSS
9.1%
CVE-2016-0677 MEDIUM This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Database
NVD
CVSS 3.0
5.9
EPSS
1.0%
CVE-2016-0697 MEDIUM This Month

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Application Object Library
NVD
CVSS 3.0
6.0
EPSS
0.2%
CVE-2016-0669 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
6.0
EPSS
0.0%
CVE-2016-3464 MEDIUM This Month

Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Flexcube Direct Banking
NVD
CVSS 3.0
5.7
EPSS
0.2%
CVE-2016-3977 MEDIUM PATCH This Month

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Opensuse Giflib
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2016-0651 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL MariaDB Linux Enterprise Debuginfo +12
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2016-0666 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Enterprise Linux Debian Linux MariaDB +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0648 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Debian Linux Leap Linux +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0647 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Leap Debian Linux Linux +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0650 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Linux Leap Powerkvm +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0649 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Powerkvm Enterprise Linux Leap +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0646 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Debian Linux Linux Enterprise Linux +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0644 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Debian Linux Leap Linux +4
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-0469 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Micros C2
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0665 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Enterprise Linux MySQL Ubuntu Linux
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0662 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0659 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0657 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-3465 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0658 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0656 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0654 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0653 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0652 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-3462 MEDIUM This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0696 MEDIUM This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 allows remote attackers to affect confidentiality and integrity via vectors related to Console. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-0673 MEDIUM This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Ui Framework
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-0468 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-3442 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-3417 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-0698 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-0408 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-3423 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.1%
CVE-2016-0685 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy