Skip to main content
CVE-2017-12298 MEDIUM This Month

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Webex Meeting Center
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12296 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Webex Meetings Server
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12272 MEDIUM This Month

A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Cisco Ios Xe
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-10339 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure Hospitality Suite8
NVD
CVSS 3.0
5.9
EPSS
0.8%
CVE-2017-10422 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Change Assistant). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2017-10051 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
5.7
EPSS
0.3%
CVE-2017-10389 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS). Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Denial Of Service Oracle Hospitality Suite8
NVD
CVSS 3.0
5.7
EPSS
0.1%
CVE-2017-10342 MEDIUM PATCH This Month

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Java Advanced Management Console
NVD
CVSS 3.0
5.3
EPSS
1.9%
CVE-2017-10336 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2017-10203 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Mysql Connector Net
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2017-15642 MEDIUM This Month

In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Microsoft Use After Free Information Disclosure Sound Exchange +1
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2017-10264 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Siebel Ui Framework
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2017-10322 MEDIUM PATCH This Month

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Common Applications Calendar
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2017-10066 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle E Business Suite Technology Stack
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2017-10277 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Mysql Connector Net
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2017-12286 MEDIUM This Month

A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Jabber Webex Meeting Center
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-12284 MEDIUM This Month

A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Cisco Information Disclosure Jabber
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-10340 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-10367 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-10359 MEDIUM PATCH This Month

Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion (subcomponent: UI and Visualization). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hyperion Bi
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2016-8748 MEDIUM PATCH This Month

In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Nifi
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-10400 MEDIUM PATCH This Month

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Glassfish Server
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-10394 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-10337 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Oracle Information Disclosure Hospitality Suite8
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-10162 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-10357 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10350 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10349 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10348 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10347 MEDIUM PATCH This Month

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +27
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10281 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Oracle Jdk Jre +28
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2017-10423 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Oracle Retail Back Office
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-10304 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-10425 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Service Host). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Simphony
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-10395 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Fleet Management
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-10319 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Hospitality Suite8
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-10300 MEDIUM PATCH This Month

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Siebel Business Service Issues). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Siebel Customer Relationship Management Desktop
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-10154 MEDIUM PATCH This Month

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Access Manager
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-10383 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Hospitality Guest Access
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-10331 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Application Object Library
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2017-10324 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure E Business Suite Technology Stack
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2017-10283 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-10054 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications (subcomponent: MMS). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Materials Management
NVD
CVSS 3.0
5.1
EPSS
0.1%
CVE-2017-10419 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Suite8
NVD
CVSS 3.0
5.1
EPSS
0.1%
CVE-2017-10275 MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Filesystem). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Denial Of Service Oracle Solaris Ak
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2017-10428 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 5.0).

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2017-10296 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-10320 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL MariaDB Active Iq Unified Manager +6
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2017-10313 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.4%
CVE-2017-10311 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.0
4.9
EPSS
0.4%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy