Skip to main content
CVE-2016-5562 HIGH PATCH This Week

Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Iprocurement
NVD
CVSS 3.0
7.6
EPSS
0.1%
CVE-2016-1000215 HIGH This Week

Ruckus Wireless H500 web management interface denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireless H500
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-1000032 HIGH This Week

TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a missing nonce allowing attackers to use a single solved CAPTCHA multiple times. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tgcaptcha2
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5495 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Discoverer
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5500 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to Viewer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Discoverer
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5564 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Hospitality Opera 5 Property Services
NVD
CVSS 3.0
7.4
EPSS
0.3%
CVE-2016-5526 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Tomcat Apache Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.0
7.3
EPSS
0.3%
CVE-2016-5539 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Micros Xstore Payment
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2016-5492 HIGH PATCH This Week

Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality and integrity via vectors. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Oracle Authentication Bypass Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
7.1
EPSS
0.0%
CVE-2016-5625 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. Rated high severity (CVSS 7.0).

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2016-5610 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2016-5627 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2016-5609 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2016-5538 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2016-5540 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 6.7).

Information Disclosure Oracle Micros Xstore Payment
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2016-5612 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2016-5624 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2016-3492 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server:. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Desktop +5
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2016-5581 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Authentication Bypass Irecruitment
NVD
CVSS 3.0
6.6
EPSS
0.0%
CVE-2016-5571 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Dba
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-5570 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Dba
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-5567 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Applications Dba
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-5626 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL MariaDB Enterprise Linux Eus +3
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2016-5521 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-5534 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Apps - Customer Order Management component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel User Interface Framework
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-5585 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Interaction Center Intelligence
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-5572 MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Privilege Escalation Oracle Database
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-5497 MEDIUM PATCH This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Oracle Authentication Bypass Database
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-5604 MEDIUM PATCH This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Enterprise Manager Base Platform
NVD
CVSS 3.0
6.3
EPSS
0.2%
CVE-2016-5601 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.0
6.3
EPSS
0.2%
CVE-2016-5597 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 3.0
5.9
EPSS
2.1%
CVE-2016-5543 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote attackers to affect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Flexcube Enterprise Limits And Collateral Management
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5530 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5529 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5622 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5512 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Agile Product Lifecycle Management
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5606 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2016-5516 MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
6.0
EPSS
0.1%
CVE-2016-5527 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2016-5602 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Data Integrator
NVD
CVSS 3.0
5.7
EPSS
0.2%
CVE-2016-5598 MEDIUM PATCH This Month

Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Oracle Python Authentication Bypass Mysql Connector Python
NVD
CVSS 3.0
5.6
EPSS
0.3%
CVE-2016-5488 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2016-5486 MEDIUM PATCH This Month

Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-5505 MEDIUM PATCH This Month

Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-5517 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Applications Dba
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-5608 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-5576 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-5628 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.9%
CVE-2016-5532 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Shipping Execution
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2016-5560 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to OpenUI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Customer Order Management
NVD
CVSS 3.0
5.4
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy