Skip to main content
CVE-2017-3237 HIGH PATCH This Week

Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Automatic Service Request
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6916 HIGH This Week

Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Google Integer Overflow Nvidia +4
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-3516 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.7
EPSS
0.4%
CVE-2017-3308 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2017-3309 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Debian Linux MariaDB +6
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2017-3596 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
7.6
EPSS
0.6%
CVE-2017-3450 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-3519 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2017-3499 HIGH PATCH This Week

Vulnerability in the Oracle Social Network component of Oracle Fusion Middleware (subcomponent: Android Client). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Oracle Social Network
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2015-1522 HIGH PATCH This Week

analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject certain non-zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Bro
NVD GitHub
CVSS 3.0
7.5
EPSS
0.8%
CVE-2015-1521 HIGH PATCH This Week

analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly handle zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Bro
NVD GitHub
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-2313 HIGH This Week

Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-2315 HIGH This Week

On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-2323 HIGH This Week

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Northstar Controller
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-2334 HIGH This Week

An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper Information Disclosure Northstar Controller
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-3538 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Rated high severity (CVSS 7.5).

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-3432 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Audience workbench). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
7.1
EPSS
1.9%
CVE-2017-3393 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Interaction History). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD
CVSS 3.0
7.1
EPSS
1.9%
CVE-2017-3337 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.9%
CVE-2017-3557 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
7.1
EPSS
1.9%
CVE-2017-3507 HIGH PATCH This Week

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Console Design). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Service Bus
NVD
CVSS 3.0
7.3
EPSS
0.8%
CVE-2017-3531 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Servlet Runtime). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Weblogic Server
NVD
CVSS 3.0
7.2
EPSS
1.2%
CVE-2017-2331 HIGH This Week

A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Information Disclosure Northstar Controller
NVD
CVSS 3.0
7.3
EPSS
0.7%
CVE-2017-3497 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.3
EPSS
0.6%
CVE-2014-9680 LOW POC Monitor

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Sudo
NVD
CVSS 3.0
3.3
EPSS
0.4%
CVE-2017-3550 HIGH This Week

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: Admin Console). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Customer Interaction History
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3591 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Catalog Mover). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
7.1
EPSS
0.9%
CVE-2017-3593 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
7.1
EPSS
0.7%
CVE-2017-3486 HIGH This Week

Vulnerability in the SQL*Plus component of Oracle Database Server. Rated high severity (CVSS 7.2). No vendor patch available.

Microsoft Information Disclosure Oracle Sql Plus
NVD
CVSS 3.0
7.2
EPSS
0.1%
CVE-2017-3616 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3615 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3614 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3613 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3612 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3610 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3609 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3608 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3607 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3606 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3604 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2017-3617 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2017-3611 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2017-3605 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2017-3574 HIGH This Week

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA License code configuration). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hospitality Opera 5 Property Services
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-3595 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-3476 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Private Banking
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-3618 HIGH PATCH This Week

Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Authentication Bypass Oracle Automatic Service Request
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-3485 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Oracle Flexcube Universal Banking
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2017-3520 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2017-3571 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM eBill Payment component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Ebill Payment
NVD
CVSS 3.1
6.5
EPSS
1.5%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy