Skip to main content
CVE-2018-5766 HIGH POC This Week

In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libav
NVD
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-2698 HIGH POC PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Oracle Information Disclosure Vm Virtualbox
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-2636 HIGH POC PATCH THREAT This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Oracle Information Disclosure Hospitality Simphony
NVD GitHub Exploit-DB
CVSS 3.0
8.1
EPSS
13.7%
CVE-2018-2611 CRITICAL PATCH Act Now

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
10.0
EPSS
2.3%
CVE-2018-5772 MEDIUM POC This Month

In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.9%
CVE-2018-2623 CRITICAL PATCH Act Now

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
9.3
EPSS
1.6%
CVE-2018-2697 CRITICAL PATCH Act Now

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
9.1
EPSS
1.5%
CVE-2018-2656 CRITICAL PATCH Act Now

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
9.1
EPSS
1.9%
CVE-2018-2655 CRITICAL PATCH Act Now

Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Work In Process
NVD
CVSS 3.0
9.1
EPSS
1.9%
CVE-2018-2664 CRITICAL PATCH Act Now

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Oracle Information Disclosure Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
9.0
EPSS
1.8%
CVE-2018-0107 HIGH This Week

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Prime Service Catalog
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-0099 HIGH This Week

A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection D9800 Firmware
NVD
CVSS 3.0
8.8
EPSS
3.4%
CVE-2018-2706 HIGH PATCH This Week

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Banking Corporate Lending
NVD
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-2705 HIGH PATCH This Week

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Banking Payments
NVD
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-2694 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-2648 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Flexcube Universal Banking
NVD
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-2616 HIGH PATCH This Week

Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Oss Support Tools
NVD
CVSS 3.0
8.8
EPSS
27.1%
CVE-2018-2615 HIGH PATCH This Week

Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Oss Support Tools
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2018-2593 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-0086 HIGH This Week

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Customer Voice Portal
NVD
CVSS 3.0
8.6
EPSS
2.3%
CVE-2018-2690 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.5%
CVE-2018-2689 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.6%
CVE-2018-2688 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.5%
CVE-2018-2687 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.5%
CVE-2018-2686 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.5%
CVE-2018-2685 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.6
EPSS
0.5%
CVE-2018-2624 HIGH PATCH This Week

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
8.6
EPSS
2.0%
CVE-2018-2608 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
8.6
EPSS
1.5%
CVE-2018-2680 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
8.3
EPSS
1.7%
CVE-2018-2639 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +5
NVD
CVSS 3.1
8.3
EPSS
2.9%
CVE-2018-2638 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +22
NVD
CVSS 3.1
8.3
EPSS
3.3%
CVE-2018-2633 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Jdk Jre +14
NVD
CVSS 3.1
8.3
EPSS
5.7%
CVE-2018-2713 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Webcenter Portal
NVD
CVSS 3.0
8.2
EPSS
1.7%
CVE-2018-2711 HIGH PATCH This Week

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jdeveloper
NVD
CVSS 3.0
8.2
EPSS
1.4%
CVE-2018-2693 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Guest Additions). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2018-2676 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2018-2621 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Mobile Gangway and Mustering). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
8.2
EPSS
1.4%
CVE-2018-2613 HIGH PATCH This Week

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Argus Safety
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2018-2597 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: SilverWhere). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Dining Room Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2018-2596 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Webcenter Content
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2018-2564 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Webcenter Content
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2018-0110 HIGH This Week

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Meetings Server
NVD
CVSS 3.0
8.1
EPSS
1.4%
CVE-2018-2729 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Funds Transfer Pricing
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2018-2727 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Market Risk Measurement And Management
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2726 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Market Risk
NVD
CVSS 3.0
8.1
EPSS
1.4%
CVE-2018-2725 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Hedge Management And Ifrs Valuations
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2018-2724 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Loan Loss Forecasting And Provisioning
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2723 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Asset Liability Management
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2721 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Price Creation And Discovery
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2720 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Liquidity Risk Management
NVD
CVSS 3.0
8.1
EPSS
1.5%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy