Skip to main content
CVE-2017-3268 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD VulDB
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-3267 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD VulDB
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-3253 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
7.5
EPSS
1.8%
CVE-2016-10003 HIGH PATCH This Week

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Squid
NVD VulDB
CVSS 3.1
7.5
EPSS
1.8%
CVE-2016-9795 HIGH This Week

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Ca Workload Automation Ae Client Automation Systemedge +3
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-5546 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-3330 HIGH PATCH This Week

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD VulDB
CVSS 3.0
7.6
EPSS
0.3%
CVE-2016-5827 HIGH This Week

The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libical
NVD VulDB
CVSS 3.1
7.5
EPSS
0.8%
CVE-2016-5826 HIGH This Week

The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libical
NVD VulDB
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-5601 HIGH PATCH This Week

An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Libarchive
NVD GitHub VulDB
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-5822 HIGH This Week

Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Oceanstor 5800 V3
NVD VulDB
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-5328 HIGH This Week

Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Terminal Services Agent
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2017-3249 HIGH PATCH This Week

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Glassfish Server
NVD VulDB
CVSS 3.0
7.3
EPSS
0.8%
CVE-2017-3250 HIGH PATCH This Week

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Oracle Information Disclosure Glassfish Server
NVD VulDB
CVSS 3.0
7.3
EPSS
0.7%
CVE-2016-8310 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
7.3
EPSS
0.6%
CVE-2016-5590 HIGH PATCH This Week

Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Mysql Enterprise Monitor
NVD VulDB
CVSS 3.0
7.2
EPSS
0.8%
CVE-2017-3238 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
2.5%
CVE-2016-8318 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-3312 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.7).

Information Disclosure Oracle MySQL Debian Linux MariaDB
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
CVE-2017-3273 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.9%
CVE-2017-3256 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-5549 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-5548 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-3244 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2017-3258 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2016-8311 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-3257 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle MySQL MariaDB Debian Linux
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2016-5545 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD VulDB
CVSS 3.0
6.3
EPSS
0.6%
CVE-2016-8299 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.3
EPSS
0.3%
CVE-2017-3291 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.3).

Information Disclosure Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2017-3300 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
1.0%
CVE-2016-8320 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Enterprise Limits And Collateral Management
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8319 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Investor Servicing
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8282 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Private Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3314 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3298 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8329 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Mobile Application Platform). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8303 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3299 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search Functionality). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-5599 MEDIUM This Month

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Patient Portal
NVD GitHub VulDB
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-3286 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: Patching). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Applications Dba
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-3246 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Patching). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Application Object Library
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-3242 MEDIUM PATCH This Month

Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Server
NVD VulDB
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-3255 MEDIUM PATCH This Month

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Jdeveloper
NVD VulDB
CVSS 3.0
5.8
EPSS
0.5%
CVE-2017-3252 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-3292 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
5.7
EPSS
0.4%
CVE-2017-3276 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver). Rated medium severity (CVSS 5.7).

Denial Of Service Oracle Solaris
NVD VulDB
CVSS 3.0
5.7
EPSS
0.0%
CVE-2017-3265 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 5.6).

Authentication Bypass Oracle MySQL Enterprise Linux Desktop Enterprise Linux Eus +6
NVD VulDB
CVSS 3.1
5.6
EPSS
0.2%
CVE-2016-5825 MEDIUM This Month

The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libical
NVD VulDB
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-5823 MEDIUM This Month

The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Libical
NVD VulDB
CVSS 3.0
5.5
EPSS
0.4%
Prev Page 4 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy