Skip to main content
CVE-2018-2626 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Balance Sheet Planning
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2609 MEDIUM PATCH This Month

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2567 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Communications Order And Service Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-0096 MEDIUM This Month

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco Prime Infrastructure
NVD
CVSS 3.0
5.9
EPSS
1.4%
CVE-2018-2673 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
5.9
EPSS
1.3%
CVE-2018-2618 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
5.9
EPSS
4.7%
CVE-2018-2647 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
5.5
EPSS
2.3%
CVE-2018-2577 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-2731 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Eprocurement
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2691 MEDIUM PATCH This Month

Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass User Management
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2681 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-2662 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-2630 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security Management System). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2571 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Communications Unified Inventory Management
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-0111 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Meetings Server
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2018-0108 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cisco Webex Meetings Server
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2018-0105 MEDIUM This Month

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2018-2709 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2018-2708 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-2657 MEDIUM PATCH This Month

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +10
NVD
CVSS 3.0
5.3
EPSS
7.5%
CVE-2018-2653 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Connected Query). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2629 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
5.3
EPSS
4.8%
CVE-2018-2625 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2614 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-2610 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2603 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
5.3
EPSS
6.9%
CVE-2018-2561 MEDIUM PATCH This Month

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Http Server
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2560 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0).

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.0
EPSS
0.4%
CVE-2018-2684 MEDIUM PATCH This Month

Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
4.9
EPSS
1.5%
CVE-2018-2667 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2646 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.7%
CVE-2018-2645 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL
NVD
CVSS 3.0
4.9
EPSS
2.4%
CVE-2018-2607 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Hospitality Guest Access
NVD
CVSS 3.0
4.9
EPSS
1.1%
CVE-2018-2600 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.5%
CVE-2018-2591 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.8%
CVE-2018-2590 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
3.0%
CVE-2018-2586 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.5%
CVE-2018-2576 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2565 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2635 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
4.8
EPSS
1.1%
CVE-2018-2599 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.8
EPSS
4.2%
CVE-2018-2581 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.7
EPSS
2.5%
CVE-2018-2602 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Rated medium severity (CVSS 4.5), this vulnerability is no authentication required.

Java Oracle Denial Of Service Jdk Jre +13
NVD
CVSS 3.1
4.5
EPSS
0.6%
CVE-2018-0100 MEDIUM This Month

A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

XXE Cisco Anyconnect Secure Mobility Client
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-2580 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: ADPatch). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Applications Dba
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-2678 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2677 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +13
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2663 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2632 MEDIUM PATCH This Month

Vulnerability in the Siebel Engineering - Installer and Deployment component of Oracle Siebel CRM (subcomponent: Siebel Approval Manager). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Engineering Installer And Deployment
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2018-2631 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
4.3
EPSS
0.8%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy