Skip to main content
CVE-2018-0237 MEDIUM This Month

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Apple Advanced Malware Protection For Endpoints
NVD
CVSS 3.1
5.8
EPSS
1.2%
CVE-2018-7899 MEDIUM This Month

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00),. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Berkeley Al20 Firmware Berkeley Bd Firmware
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-2812 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Oncommand Insight +4
NVD
CVSS 3.0
5.5
EPSS
2.4%
CVE-2018-2787 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux MariaDB
NVD
CVSS 3.1
5.5
EPSS
2.6%
CVE-2018-2786 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux MariaDB
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2018-2853 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations, Client Application Loader). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-2802 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Client Application Loader). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-2752 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-2749 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Corporate Lending Banking Payments Flexcube Enterprise Limits And Collateral Management +2
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-0273 MEDIUM This Month

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Cisco Staros
NVD
CVSS 3.0
5.3
EPSS
3.3%
CVE-2018-0260 MEDIUM This Month

A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Mate Live
NVD
CVSS 3.0
5.3
EPSS
2.4%
CVE-2018-0254 MEDIUM This Month

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Threat Defense
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-10219 MEDIUM This Month

baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Baijiacms
NVD GitHub
CVSS 3.0
5.3
EPSS
0.9%
CVE-2018-10205 MEDIUM This Month

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Docker Hyperstart
NVD GitHub
CVSS 3.0
5.3
EPSS
1.4%
CVE-2018-2873 MEDIUM PATCH This Month

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2872 MEDIUM PATCH This Month

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2869 MEDIUM PATCH This Month

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2868 MEDIUM PATCH This Month

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2867 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2866 MEDIUM PATCH This Month

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2865 MEDIUM PATCH This Month

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2864 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2858 MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2018-2815 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +11
NVD
CVSS 3.1
5.3
EPSS
4.8%
CVE-2018-2799 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +13
NVD
CVSS 3.1
5.3
EPSS
15.1%
CVE-2018-2798 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +12
NVD
CVSS 3.1
5.3
EPSS
7.8%
CVE-2018-2797 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +12
NVD
CVSS 3.1
5.3
EPSS
7.8%
CVE-2018-2796 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +12
NVD
CVSS 3.1
5.3
EPSS
6.9%
CVE-2018-2795 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Jdk Jre +12
NVD
CVSS 3.1
5.3
EPSS
7.8%
CVE-2018-1035 MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2018-2877 MEDIUM PATCH This Month

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: ndbcluster/plugin). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Oracle Denial Of Service Mysql Cluster
NVD
CVSS 3.0
5.0
EPSS
0.5%
CVE-2018-2863 MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
5.0
EPSS
1.4%
CVE-2018-2808 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.0
EPSS
0.5%
CVE-2018-2789 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
CVSS 3.0
5.0
EPSS
1.0%
CVE-2018-2846 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Oncommand Insight +4
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2839 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Oncommand Insight +4
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2818 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Debian Linux +5
NVD
CVSS 3.0
4.9
EPSS
3.6%
CVE-2018-2816 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux Oncommand Insight +4
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2810 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
3.1%
CVE-2018-2781 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Debian Linux Active Iq Unified Manager Oncommand Insight +12
NVD
CVSS 3.1
4.9
EPSS
3.3%
CVE-2018-2779 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2778 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2777 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
3.1%
CVE-2018-2776 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2769 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux
NVD
CVSS 3.0
4.9
EPSS
2.9%
CVE-2018-2766 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux MariaDB +5
NVD
CVSS 3.1
4.9
EPSS
3.1%
CVE-2018-2759 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.8%
CVE-2018-2785 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Stylesheet). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
4.7
EPSS
1.7%
CVE-2018-2771 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Oracle Denial Of Service MySQL Debian Linux Ubuntu Linux +12
NVD
CVSS 3.1
4.4
EPSS
3.6%
CVE-2018-2762 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Denial Of Service MySQL Ubuntu Linux
NVD
CVSS 3.0
4.4
EPSS
0.5%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy