Skip to main content
CVE-2018-2640 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Debian Linux +12
NVD
CVSS 3.1
6.5
EPSS
4.0%
CVE-2018-2622 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Debian Linux +12
NVD
CVSS 3.1
6.5
EPSS
4.0%
CVE-2018-2619 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-2612 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Active Iq Unified Manager +5
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2018-2605 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.5
EPSS
1.9%
CVE-2018-2582 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +11
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2018-2573 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-2730 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Retail Merchandising System
NVD
CVSS 3.0
6.4
EPSS
0.6%
CVE-2018-2643 MEDIUM PATCH This Month

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Case Selection). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Argus Safety
NVD
CVSS 3.0
6.4
EPSS
0.7%
CVE-2018-2570 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Communications Unified Inventory Management
NVD
CVSS 3.0
6.3
EPSS
1.1%
CVE-2018-2606 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Guest Access
NVD
CVSS 3.0
6.2
EPSS
0.4%
CVE-2018-5776 MEDIUM PATCH This Month

WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS
NVD GitHub
CVSS 3.0
6.1
EPSS
2.4%
CVE-2018-5773 MEDIUM PATCH This Month

An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Python Python Markdown2
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-0098 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Wap361 Firmware Wap150 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-0097 MEDIUM This Month

A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Prime Infrastructure
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-0093 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Web Security Appliance
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-0091 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-2732 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Reconciliation Framework component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Reconciliation Framework
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2018-2728 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Funds Transfer Pricing
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-2722 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Price Creation And Discovery
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2719 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Hedge Management And Ifrs Valuations
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2716 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Market Risk Measurement And Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2714 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Market Risk
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2712 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Loan Loss Forecasting And Provisioning
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2699 MEDIUM PATCH This Month

Vulnerability in the Application Express component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Application Express
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2692 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Asset Liability Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2682 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Liquidity Risk Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2674 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2670 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Profitability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Profitability Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2669 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2661 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponent: Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-2659 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2658 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2654 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Company Dir / Org Chart Viewer). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2644 MEDIUM PATCH This Month

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Worklist). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Argus Safety
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2641 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +13
NVD
CVSS 3.1
6.1
EPSS
5.1%
CVE-2018-2626 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications (subcomponent: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Balance Sheet Planning
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-2609 MEDIUM PATCH This Month

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-2567 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Communications Order And Service Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-0096 MEDIUM This Month

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco Prime Infrastructure
NVD
CVSS 3.0
5.9
EPSS
1.4%
CVE-2018-2673 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
5.9
EPSS
1.3%
CVE-2018-2618 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
5.9
EPSS
4.7%
CVE-2018-2647 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
5.5
EPSS
2.3%
CVE-2018-2577 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-2731 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Eprocurement
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2691 MEDIUM PATCH This Month

Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass User Management
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2681 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-2662 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-2630 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security Management System). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-2571 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Communications Unified Inventory Management
NVD
CVSS 3.0
5.4
EPSS
0.9%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy