Skip to main content
CVE-2018-0111 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Meetings Server
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2018-0108 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cisco Webex Meetings Server
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2018-0105 MEDIUM This Month

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2018-2709 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2018-2708 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-2657 MEDIUM PATCH This Month

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +10
NVD
CVSS 3.0
5.3
EPSS
7.5%
CVE-2018-2653 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Connected Query). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2629 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
5.3
EPSS
4.8%
CVE-2018-2625 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2614 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-2610 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-2603 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
5.3
EPSS
6.9%
CVE-2018-2561 MEDIUM PATCH This Month

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Http Server
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2560 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0).

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.0
EPSS
0.4%
CVE-2018-2684 MEDIUM PATCH This Month

Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
4.9
EPSS
1.5%
CVE-2018-2667 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2646 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.7%
CVE-2018-2645 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL
NVD
CVSS 3.0
4.9
EPSS
2.4%
CVE-2018-2607 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Hospitality Guest Access
NVD
CVSS 3.0
4.9
EPSS
1.1%
CVE-2018-2600 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.5%
CVE-2018-2591 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.8%
CVE-2018-2590 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
3.0%
CVE-2018-2586 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.5%
CVE-2018-2576 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2565 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
4.9
EPSS
2.2%
CVE-2018-2635 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
4.8
EPSS
1.1%
CVE-2018-2599 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.8
EPSS
4.2%
CVE-2018-2581 MEDIUM PATCH This Month

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.7
EPSS
2.5%
CVE-2018-2602 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Rated medium severity (CVSS 4.5), this vulnerability is no authentication required.

Java Oracle Denial Of Service Jdk Jre +13
NVD
CVSS 3.1
4.5
EPSS
0.6%
CVE-2018-0100 MEDIUM This Month

A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

XXE Cisco Anyconnect Secure Mobility Client
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-2580 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: ADPatch). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Applications Dba
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-2678 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2677 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +13
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2663 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +14
NVD
CVSS 3.1
4.3
EPSS
4.7%
CVE-2018-2632 MEDIUM PATCH This Month

Vulnerability in the Siebel Engineering - Installer and Deployment component of Oracle Siebel CRM (subcomponent: Siebel Approval Manager). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Engineering Installer And Deployment
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2018-2631 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-2595 MEDIUM PATCH This Month

Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Hyperion Bi
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-2594 MEDIUM PATCH This Month

Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Hyperion Bi
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-2588 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
4.3
EPSS
3.4%
CVE-2018-2584 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Webcenter Sites
NVD
CVSS 3.0
4.3
EPSS
1.1%
CVE-2018-2675 LOW PATCH Monitor

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Java Advanced Management Console
NVD
CVSS 3.0
3.7
EPSS
1.9%
CVE-2018-2579 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +14
NVD
CVSS 3.1
3.7
EPSS
4.1%
CVE-2018-0106 LOW Monitor

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Elastic Information Disclosure Cisco Elastic Services Controller
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2018-0109 LOW Monitor

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Meetings Server
NVD
CVSS 3.0
2.7
EPSS
1.2%
CVE-2018-2575 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.

Oracle Microsoft Authentication Bypass Database Server
NVD
CVSS 3.0
2.0
EPSS
0.9%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy