Skip to main content
CVE-2017-10171 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Home Page). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10170 HIGH PATCH This Week

Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless/WAP). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Field Service
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10156 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10143 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10113 HIGH PATCH This Week

Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Common Applications
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10043 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10024 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10191 HIGH PATCH This Week

Vulnerability in the Oracle Web Analytics component of Oracle E-Business Suite (subcomponent: Common Libraries). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Web Analytics
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10048 HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Repository component of Oracle Fusion Middleware (subcomponent: Web Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Enterprise Repository
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10035 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10030 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10029 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10028 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10214 HIGH PATCH This Week

Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Oracle Retail Xstore Point Of Service
NVD
CVSS 3.0
8.2
EPSS
1.6%
CVE-2017-10074 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +23
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2017-10114 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +17
NVD
CVSS 3.1
8.3
EPSS
0.9%
CVE-2017-10061 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
8.3
EPSS
0.9%
CVE-2017-10146 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
8.3
EPSS
0.7%
CVE-2017-8591 HIGH PATCH This Week

Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
3.1%
CVE-2017-10078 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +25
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2017-10112 HIGH PATCH This Week

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.0
8.2
EPSS
1.0%
CVE-2017-10040 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Content
NVD
CVSS 3.0
8.2
EPSS
0.9%
CVE-2017-10144 HIGH PATCH This Week

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Applications Manager
NVD
CVSS 3.0
7.5
EPSS
4.4%
CVE-2017-10177 HIGH PATCH This Week

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Flexfields). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Application Object Library
NVD
CVSS 3.0
8.1
EPSS
1.0%
CVE-2017-9940 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Privilege Escalation Sipass Integrated
NVD
CVSS 3.0
8.1
EPSS
0.2%
CVE-2017-8622 HIGH PATCH This Week

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2017-10016 HIGH PATCH This Week

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Sun Zfs Storage Appliance Kit Software
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2017-10176 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2017-10245 HIGH PATCH This Week

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle General Ledger
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2017-8624 HIGH PATCH This Week

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2012-0880 HIGH This Week

Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apache Xerces C
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2017-8516 HIGH PATCH This Week

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Sql Server
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2017-9942 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-10091 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Enterprise Manager Base Platform
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2017-10000 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.0
7.7
EPSS
0.4%
CVE-2017-10136 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2017-10019 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.4
EPSS
1.7%
CVE-2017-10232 HIGH PATCH This Week

Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Hospitality Websuite8 Cloud Service
NVD
CVSS 3.0
7.6
EPSS
0.7%
CVE-2017-10001 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
7.6
EPSS
0.6%
CVE-2017-10130 HIGH PATCH This Week

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Management). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10059 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10041 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10119 HIGH PATCH This Week

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: OSB Web Console Design, Admin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Service Bus
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-9938 HIGH This Week

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Siemens Simatic Logon
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-10118 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2017-10067 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2017-10115 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +26
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-4456 HIGH This Week

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gnutls
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2017-10145 HIGH PATCH This Week

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Java Oracle Java Advanced Management Console
NVD
CVSS 3.0
7.4
EPSS
0.4%
CVE-2017-10104 HIGH PATCH This Week

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Java Privilege Escalation Oracle Java Advanced Management Console
NVD
CVSS 3.0
7.4
EPSS
0.4%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy