Skip to main content
CVE-2017-10176 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2017-10245 HIGH PATCH This Week

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle General Ledger
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2017-8624 HIGH PATCH This Week

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2012-0880 HIGH This Week

Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apache Xerces C
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2017-8516 HIGH PATCH This Week

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Sql Server
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2017-9942 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-10091 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Enterprise Manager Base Platform
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2017-10000 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Reporting). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.0
7.7
EPSS
0.4%
CVE-2017-10136 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2017-10019 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.4
EPSS
1.7%
CVE-2017-10232 HIGH PATCH This Week

Vulnerability in the Hospitality WebSuite8 Cloud Service component of Oracle Hospitality Applications (subcomponent: General). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Hospitality Websuite8 Cloud Service
NVD
CVSS 3.0
7.6
EPSS
0.7%
CVE-2017-10001 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
7.6
EPSS
0.6%
CVE-2017-10130 HIGH PATCH This Week

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Management). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10059 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10041 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-10119 HIGH PATCH This Week

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: OSB Web Console Design, Admin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Service Bus
NVD
CVSS 3.0
7.6
EPSS
0.5%
CVE-2017-9938 HIGH This Week

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Siemens Simatic Logon
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-10118 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +19
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2017-10067 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Java Oracle Jdk Jre +24
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2017-10115 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Java Oracle Jdk Jre +26
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-4456 HIGH This Week

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gnutls
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2017-10145 HIGH PATCH This Week

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Java Oracle Java Advanced Management Console
NVD
CVSS 3.0
7.4
EPSS
0.4%
CVE-2017-10104 HIGH PATCH This Week

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Java Privilege Escalation Oracle Java Advanced Management Console
NVD
CVSS 3.0
7.4
EPSS
0.4%
CVE-2017-6870 HIGH This Week

A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Google Information Disclosure Simatic Wincc Sm Rtclient
NVD
CVSS 3.0
7.4
EPSS
0.2%
CVE-2017-9941 HIGH This Week

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Information Disclosure Sipass Integrated
NVD
CVSS 3.0
7.4
EPSS
0.2%
CVE-2017-6873 HIGH This Week

A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Authentication Bypass Ozw772 Firmware Ozw672 Firmware
NVD
CVSS 3.0
7.4
EPSS
0.2%
CVE-2017-10206 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Hospitality Simphony
NVD
CVSS 3.0
7.3
EPSS
0.6%
CVE-2017-10210 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10234 HIGH PATCH This Week

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris Cluster
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10233 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10242 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10241 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10239 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10238 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10237 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10240 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10236 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2017-10031 HIGH PATCH This Week

Vulnerability in the Oracle Communications Convergence component of Oracle Communications Applications (subcomponent: Mail Proxy (dojo)). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Communications Convergence
NVD
CVSS 3.0
7.2
EPSS
0.4%
CVE-2017-10226 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Fleet Management
NVD
CVSS 3.0
7.1
EPSS
0.7%
CVE-2017-10085 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Flexcube Universal Banking
NVD
CVSS 3.0
7.1
EPSS
0.7%
CVE-2017-8662 MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specific scenarios, aka "Microsoft Edge Information Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.6%.

Microsoft Information Disclosure Edge
NVD
CVSS 3.0
4.3
EPSS
14.6%
CVE-2017-8659 MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.6%.

Microsoft Information Disclosure Edge
NVD
CVSS 3.0
4.3
EPSS
14.6%
CVE-2017-10235 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
6.7
EPSS
2.3%
CVE-2017-10125 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

Information Disclosure Java Oracle Jdk Jre +16
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2017-8593 HIGH PATCH This Week

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
0.7%
CVE-2017-8623 MEDIUM PATCH This Month

Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
6.8
EPSS
1.5%
CVE-2017-10225 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Hospitality Applications (subcomponent: OPS Operations). Rated high severity (CVSS 7.0).

Denial Of Service Authentication Bypass Oracle Hospitality Res 3700
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-10058 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Administration). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.0
6.9
EPSS
0.3%
CVE-2017-10039 MEDIUM PATCH This Month

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Web Client). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Agile Plm
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2017-10181 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Flexcube Direct Banking
NVD
CVSS 3.0
6.8
EPSS
0.3%
Prev Page 3 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy