Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Portfolio Management). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Catalog Mover). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self Registration). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: IPC Frameworks). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Retail Invoice Matching component of Oracle Retail Applications (subcomponent: Security). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component of Oracle Commerce (subcomponent: MDEX). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: RAS subsystems). Rated high severity (CVSS 7.8).
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Social Network component of Oracle Fusion Middleware (subcomponent: Android Client). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject certain non-zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly handle zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Rated high severity (CVSS 7.5).
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Audience workbench). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Interaction History). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Console Design). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Servlet Runtime). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: Admin Console). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Catalog Mover). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.