Skip to main content
CVE-2018-2828 HIGH PATCH This Week

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Authentication Bypass Webcenter Content
NVD
CVSS 3.0
8.2
EPSS
1.4%
CVE-2018-2856 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Basel Regulatory Capital Internal Ratings Based Approach
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-2855 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Basel Regulatory Capital Basic
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-2851 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2833 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-2803 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-6306 HIGH This Week

Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Password Manager
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2018-2849 HIGH PATCH This Week

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.0
7.7
EPSS
1.4%
CVE-2018-2824 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
7.7
EPSS
1.4%
CVE-2018-2811 HIGH PATCH This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Rated high severity (CVSS 7.7), this vulnerability is no authentication required.

Java Oracle Information Disclosure Jdk Jre +3
NVD
CVSS 3.1
7.7
EPSS
0.5%
CVE-2018-2794 HIGH PATCH This Week

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.7), this vulnerability is no authentication required.

Java Oracle Information Disclosure Jdk Jre +12
NVD
CVSS 3.1
7.7
EPSS
0.7%
CVE-2018-2755 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated high severity (CVSS 7.7), this vulnerability is no authentication required.

Oracle Information Disclosure MySQL Debian Linux Ubuntu Linux +12
NVD
CVSS 3.1
7.7
EPSS
0.8%
CVE-2018-2754 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2018-2840 HIGH PATCH This Week

Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Microsoft Denial Of Service Authentication Bypass Retail Xstore Point Of Service
NVD
CVSS 3.0
7.6
EPSS
1.3%
CVE-2018-2827 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Suite8
NVD
CVSS 3.0
7.6
EPSS
1.1%
CVE-2018-2770 HIGH PATCH This Week

Vulnerability in the Oracle Adaptive Access Manager component of Oracle Fusion Middleware (subcomponent: OAAM Admin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Adaptive Access Manager
NVD
CVSS 3.0
7.6
EPSS
1.4%
CVE-2018-0239 HIGH This Week

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Staros
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2018-0227 HIGH This Week

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2018-8118 HIGH PATCH This Week

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
9.4%
CVE-2018-7920 HIGH This Week

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Ar1200 Firmware Ar160 Firmware Ar200 Firmware +2
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-2848 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client Application Loader). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-2765 HIGH PATCH This Week

Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Security Service
NVD
CVSS 3.0
7.5
EPSS
3.4%
CVE-2018-2764 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-2718 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-0241 HIGH This Week

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xr
NVD
CVSS 3.0
7.4
EPSS
0.9%
CVE-2018-2804 HIGH PATCH This Week

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
7.4
EPSS
2.1%
CVE-2018-2783 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +7
NVD
CVSS 3.1
7.4
EPSS
4.0%
CVE-2018-2850 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Hospitality Cruise Fleet Management
NVD
CVSS 3.0
7.3
EPSS
1.3%
CVE-2018-2774 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: SQR). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.3
EPSS
1.9%
CVE-2018-2742 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Framework). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Enterprise Manager Ops Center
NVD
CVSS 3.0
7.3
EPSS
1.9%
CVE-2018-2876 HIGH PATCH This Week

Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Apache Retail Integration Bus
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2018-2862 HIGH PATCH This Week

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Retail Point Of Service
NVD
CVSS 3.0
7.1
EPSS
1.1%
CVE-2018-2806 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
2.2%
CVE-2018-2801 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Image Export SDK). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
2.2%
CVE-2018-2768 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
2.2%
CVE-2018-2750 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: UI Framework). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Enterprise Manager Base Platform
NVD
CVSS 3.0
7.1
EPSS
1.5%
CVE-2018-2746 HIGH PATCH This Week

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Corporate Lending Banking Payments Flexcube Enterprise Limits And Collateral Management +2
NVD
CVSS 3.0
7.1
EPSS
1.6%
CVE-2018-0275 MEDIUM This Month

A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Identity Services Engine
NVD
CVSS 3.0
6.7
EPSS
0.3%
CVE-2018-2845 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Denial Of Service Vm Virtualbox
NVD
CVSS 3.0
6.6
EPSS
0.4%
CVE-2018-2822 MEDIUM PATCH This Month

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Denial Of Service Authentication Bypass Solaris Cluster
NVD
CVSS 3.0
6.6
EPSS
0.4%
CVE-2018-0267 MEDIUM This Month

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2018-0229 MEDIUM This Month

A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Session Fixation Denial Of Service Cisco Anyconnect Secure Mobility Client Adaptive Security Appliance Software
NVD
CVSS 3.0
6.5
EPSS
3.6%
CVE-2018-2861 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Microsoft Denial Of Service Retail Back Office
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-2847 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-2823 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-2819 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL MariaDB Ubuntu Linux +12
NVD
CVSS 3.1
6.5
EPSS
3.2%
CVE-2018-2817 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Debian Linux +12
NVD
CVSS 3.1
6.5
EPSS
3.2%
CVE-2018-2805 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL
NVD
CVSS 3.0
6.5
EPSS
2.7%
CVE-2018-2784 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux MariaDB +5
NVD
CVSS 3.1
6.5
EPSS
3.0%
CVE-2018-2782 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux MariaDB +5
NVD
CVSS 3.1
6.5
EPSS
3.1%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy