Skip to main content
CVE-2016-7569 MEDIUM POC PATCH This Month

Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Docker2Aci
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
1.2%
CVE-2016-1919 MEDIUM POC This Month

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Samsung Information Disclosure Knox
NVD VulDB
CVSS 3.0
4.7
EPSS
0.1%
CVE-2017-3238 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
2.5%
CVE-2016-8318 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.8
EPSS
0.2%
CVE-2017-3312 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.7).

Information Disclosure Oracle MySQL Debian Linux MariaDB
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
CVE-2017-3273 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.9%
CVE-2017-3256 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD VulDB
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-5549 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-5548 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre
NVD VulDB
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-3244 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2017-3258 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2016-8311 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-3257 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle MySQL MariaDB Debian Linux
NVD VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2016-5545 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD VulDB
CVSS 3.0
6.3
EPSS
0.6%
CVE-2016-8299 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.3
EPSS
0.3%
CVE-2017-3291 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 6.3).

Information Disclosure Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2017-3300 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
1.0%
CVE-2016-8320 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Enterprise Limits And Collateral Management
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8319 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Investor Servicing
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8282 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Private Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3314 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3298 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8329 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Mobile Application Platform). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-8303 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3299 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search Functionality). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-5599 MEDIUM This Month

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Patient Portal
NVD GitHub VulDB
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-3286 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: Patching). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Applications Dba
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-3246 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Patching). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Authentication Bypass Oracle Application Object Library
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-3242 MEDIUM PATCH This Month

Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Server
NVD VulDB
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-3255 MEDIUM PATCH This Month

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Jdeveloper
NVD VulDB
CVSS 3.0
5.8
EPSS
0.5%
CVE-2017-3252 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-3292 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure Peoplesoft Enterprise Peopletools
NVD VulDB
CVSS 3.0
5.7
EPSS
0.4%
CVE-2017-3276 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver). Rated medium severity (CVSS 5.7).

Denial Of Service Oracle Solaris
NVD VulDB
CVSS 3.0
5.7
EPSS
0.0%
CVE-2017-3265 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Rated medium severity (CVSS 5.6).

Authentication Bypass Oracle MySQL Enterprise Linux Desktop Enterprise Linux Eus +6
NVD VulDB
CVSS 3.1
5.6
EPSS
0.2%
CVE-2016-5825 MEDIUM This Month

The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libical
NVD VulDB
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-5823 MEDIUM This Month

The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Libical
NVD VulDB
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-3996 MEDIUM This Month

ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Knox
NVD VulDB
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-5824 MEDIUM PATCH This Month

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Libical Ubuntu Linux +6
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-5547 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
5.3
EPSS
1.3%
CVE-2016-9298 MEDIUM PATCH This Month

Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Imagemagick
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-1920 MEDIUM This Month

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Samsung Knox
NVD VulDB
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-3243 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL MariaDB Debian Linux +6
NVD VulDB
CVSS 3.1
4.4
EPSS
5.6%
CVE-2016-8306 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Investor Servicing
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-5623 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Private Banking
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-8324 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Core Banking
NVD VulDB
CVSS 3.0
5.3
EPSS
0.7%
CVE-2016-8307 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
5.3
EPSS
0.7%
CVE-2016-8316 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Investor Servicing
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-8304 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-5552 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +1
NVD VulDB
CVSS 3.0
5.3
EPSS
0.7%
CVE-2016-8323 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Core Banking
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy