Skip to main content
CVE-2017-3248 CRITICAL POC PATCH THREAT Act Now

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 91.2%.

Information Disclosure Oracle Weblogic Server
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
91.2%
Threat
6.2
CVE-2017-3241 CRITICAL POC PATCH THREAT Act Now

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 76.8%.

Information Disclosure Java Oracle Jdk Jre +1
NVD Exploit-DB VulDB
CVSS 3.0
9.0
EPSS
76.8%
Threat
5.6
CVE-2016-9636 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.6%.

Buffer Overflow RCE Denial Of Service Gstreamer Enterprise Linux Desktop +4
NVD VulDB
CVSS 3.0
9.8
EPSS
16.6%
Threat
4.0
CVE-2016-9635 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.1%.

Buffer Overflow RCE Denial Of Service Gstreamer Enterprise Linux Desktop +4
NVD VulDB
CVSS 3.0
9.8
EPSS
16.1%
CVE-2016-9634 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.1%.

Buffer Overflow RCE Denial Of Service Gstreamer Enterprise Linux Desktop +4
NVD VulDB
CVSS 3.0
9.8
EPSS
16.1%
CVE-2016-10002 HIGH PATCH Act Now

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 30.1%.

Information Disclosure Debian Linux Squid
NVD VulDB
CVSS 3.0
7.5
EPSS
30.1%
CVE-2017-3316 HIGH POC PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Oracle Vm Virtualbox
NVD Exploit-DB VulDB
CVSS 3.0
8.4
EPSS
2.8%
CVE-2017-5329 HIGH POC This Week

Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Paloalto Terminal Services Agent
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2017-5598 HIGH POC This Week

An issue was discovered in eClinicalWorks healow@work 8.0 build 8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-3324 CRITICAL PATCH Act Now

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle Primavera P6 Enterprise Project Portfolio Management
NVD VulDB
CVSS 3.0
10.0
EPSS
2.7%
CVE-2017-3266 CRITICAL PATCH Act Now

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Outside In Technology
NVD VulDB
CVSS 3.0
9.8
EPSS
2.9%
CVE-2017-3289 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
9.6
EPSS
1.1%
CVE-2017-3272 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
9.6
EPSS
1.1%
CVE-2016-8411 CRITICAL PATCH Act Now

Buffer overflow vulnerability while processing QMI QOS TLVs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Google Android
NVD VulDB
CVSS 3.0
9.8
EPSS
0.1%
CVE-2016-7569 MEDIUM POC PATCH This Month

Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Docker2Aci
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
1.2%
CVE-2016-8325 CRITICAL PATCH Act Now

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Internal Operations). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
9.1
EPSS
1.3%
CVE-2016-5528 CRITICAL PATCH Act Now

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Glassfish Server
NVD VulDB
CVSS 3.0
9.0
EPSS
0.9%
CVE-2017-3310 CRITICAL PATCH Act Now

Vulnerability in the OJVM component of Oracle Database Server. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD VulDB
CVSS 3.0
9.0
EPSS
0.6%
CVE-2017-3293 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters ). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle Outside In Technology
NVD VulDB
CVSS 3.0
8.6
EPSS
1.5%
CVE-2017-3271 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters ). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle Outside In Technology
NVD VulDB
CVSS 3.0
8.6
EPSS
1.5%
CVE-2016-1919 MEDIUM POC This Month

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Samsung Information Disclosure Knox
NVD VulDB
CVSS 3.0
4.7
EPSS
0.1%
CVE-2017-3260 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
8.3
EPSS
1.9%
CVE-2017-3332 HIGH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: VirtualBox SVGA Emulation). Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD VulDB
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-3442 HIGH PATCH This Week

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Interaction History
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3435 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3429 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3416 HIGH PATCH This Week

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Universal Work Queue
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3413 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3405 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3404 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3402 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3389 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3382 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3377 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3376 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3370 HIGH PATCH This Week

Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Isupport
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3334 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD VulDB
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-3441 HIGH PATCH This Week

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Interaction History
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3439 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3438 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3437 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3436 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3433 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3431 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3430 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3428 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3427 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3426 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3425 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
CVE-2017-3424 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD VulDB
CVSS 3.0
8.2
EPSS
0.8%
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy