Skip to main content
CVE-2017-10366 CRITICAL POC PATCH THREAT Act Now

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 64.4%.

Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
64.4%
Threat
5.4
CVE-2017-10352 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.7%.

Denial Of Service Oracle Weblogic Server
NVD
CVSS 3.0
9.9
EPSS
27.7%
CVE-2017-12251 CRITICAL Act Now

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Cloud Services Platform 2100
NVD
CVSS 3.0
9.9
EPSS
3.2%
CVE-2017-10405 CRITICAL PATCH Act Now

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.0
10.0
EPSS
1.7%
CVE-2017-10402 CRITICAL PATCH Act Now

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.0
10.0
EPSS
1.7%
CVE-2017-10404 CRITICAL PATCH Act Now

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: iQuery). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.0
9.9
EPSS
1.0%
CVE-2017-5636 CRITICAL PATCH Act Now

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Deserialization Apache Nifi
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2017-10396 CRITICAL PATCH Act Now

Vulnerability in the Oracle Hospitality Cruise AffairWhere component of Oracle Hospitality Applications (subcomponent: AffairWhere). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Hospitality Cruise Affairwhere
NVD
CVSS 3.0
9.9
EPSS
0.4%
CVE-2017-10346 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +27
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10285 CRITICAL PATCH Act Now

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +27
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2017-10330 CRITICAL PATCH Act Now

Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Gantt Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Common Applications
NVD
CVSS 3.0
9.1
EPSS
2.2%
CVE-2017-10329 CRITICAL PATCH Act Now

Vulnerability in the Oracle Global Order Promising component of Oracle E-Business Suite (subcomponent: Reschedule Sales Orders). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Global Order Promising
NVD
CVSS 3.0
9.1
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy