Skip to main content
CVE-2018-2707 HIGH PATCH This Week

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Corporate Lending
NVD
CVSS 3.0
8.1
EPSS
1.6%
CVE-2018-2704 HIGH PATCH This Week

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Payments
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2018-2679 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Profitability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Profitability Management
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2666 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Labor Management component of Oracle Hospitality Applications (subcomponent: Webservice Endpoint). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Labor Management
NVD
CVSS 3.0
8.1
EPSS
1.2%
CVE-2018-2649 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Universal Banking
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-2620 HIGH PATCH This Week

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Platform). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Primavera Unifier
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2592 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications (subcomponent: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Balance Sheet Planning
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2574 HIGH PATCH This Week

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Outlook Client). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Microsoft Authentication Bypass Siebel Customer Relationship Management Desktop
NVD
CVSS 3.0
8.1
EPSS
1.3%
CVE-2018-2601 HIGH PATCH This Week

Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

Oracle Information Disclosure Internet Directory
NVD
CVSS 3.0
8.0
EPSS
1.7%
CVE-2018-0095 HIGH This Week

A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Asyncos
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-2569 HIGH PATCH This Week

Vulnerability in the Java ME SDK component of Oracle Java Micro Edition (subcomponent: Installer). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Java Oracle Microsoft Information Disclosure Java Me
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-2566 HIGH PATCH This Week

Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Integrated Lights Out Manager Firmware
NVD
CVSS 3.0
7.7
EPSS
1.5%
CVE-2018-2733 HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Oracle Information Disclosure Hyperion Planning
NVD
CVSS 3.0
7.6
EPSS
1.3%
CVE-2018-2701 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
7.6
EPSS
0.8%
CVE-2018-0094 HIGH This Week

A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Computing System Central Software
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2018-0090 HIGH This Week

A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-0089 HIGH This Week

A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Cisco Policy Suite
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2018-2710 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-2700 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-2696 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
7.5
EPSS
4.5%
CVE-2018-2683 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-2672 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2018-2652 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-2651 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: XML Publisher). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-2627 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Rated high severity (CVSS 7.5).

Java Oracle Microsoft Information Disclosure Jdk +19
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2018-2617 HIGH PATCH This Week

Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Oss Support Tools
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2018-2604 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Guest Access
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-2589 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Server). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2018-2585 HIGH PATCH This Week

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Mysql Connector Net
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-0102 HIGH This Week

A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2018-2660 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponent: Core). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.0
7.4
EPSS
1.1%
CVE-2018-2637 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
7.4
EPSS
4.6%
CVE-2018-2568 HIGH PATCH This Week

Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Integrated Lights Out Manager Firmware
NVD
CVSS 3.0
7.3
EPSS
1.4%
CVE-2018-2578 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.2).

Oracle Information Disclosure Solaris
NVD
CVSS 3.0
7.2
EPSS
0.4%
CVE-2018-0092 HIGH This Week

A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2018-2650 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.0
7.1
EPSS
0.9%
CVE-2018-2562 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Debian Linux +12
NVD
CVSS 3.1
7.1
EPSS
3.4%
CVE-2018-2634 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +13
NVD
CVSS 3.1
6.8
EPSS
4.5%
CVE-2018-2583 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
6.8
EPSS
3.0%
CVE-2018-0115 MEDIUM This Month

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Staros
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-0088 MEDIUM This Month

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service RCE Apple Industrial Ethernet 4010 Series Firmware
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-2717 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
6.6
EPSS
0.5%
CVE-2018-2715 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-2703 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-2702 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Strategic Sourcing
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-2695 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Query). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-2671 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of Oracle PeopleSoft Products (subcomponent: Supplier Registration). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-2668 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Debian Linux +12
NVD
CVSS 3.1
6.5
EPSS
4.0%
CVE-2018-2665 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Debian Linux +12
NVD
CVSS 3.1
6.5
EPSS
4.0%
CVE-2018-2642 MEDIUM PATCH This Month

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: File Upload). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service File Upload Argus Safety
NVD
CVSS 3.0
6.5
EPSS
0.6%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy