Skip to main content
CVE-2018-2997 HIGH PATCH This Week

Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Script Author). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Scripting
NVD
CVSS 3.0
8.2
EPSS
2.0%
CVE-2018-2995 HIGH PATCH This Week

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Istore
NVD
CVSS 3.0
8.2
EPSS
2.0%
CVE-2018-2993 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
2.0%
CVE-2018-2991 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.0
8.2
EPSS
2.0%
CVE-2018-2989 HIGH PATCH This Week

Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Ilearning
NVD
CVSS 3.0
8.2
EPSS
1.5%
CVE-2018-2976 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Networking). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Enterprise Manager Ops Center
NVD
CVSS 3.0
8.2
EPSS
2.2%
CVE-2018-2958 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
2.1%
CVE-2018-2953 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.0
8.2
EPSS
2.0%
CVE-2018-2900 HIGH PATCH This Week

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
2.1%
CVE-2018-8042 HIGH This Week

Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Ambari
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2018-3051 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Enterprise Limits And Collateral Management
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-3050 HIGH PATCH This Week

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-3035 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.0
8.1
EPSS
2.1%
CVE-2018-3027 HIGH PATCH This Week

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-3015 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.0
8.1
EPSS
2.1%
CVE-2018-2984 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Gangway Activity Web App). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-2956 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). Rated high severity (CVSS 8.1), this vulnerability is no authentication required.

Oracle Information Disclosure Hospitality Opera Property Management
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2018-2928 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-0379 HIGH This Week

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Cisco Webex Meetings Online Webex Business Suite +1
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2018-0351 HIGH This Week

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Vbond Orchestrator Vedge Plus Vedge Pro +9
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-0347 HIGH This Week

A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Vbond Orchestrator Vedge Plus Vedge Pro +9
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-10616 HIGH This Week

ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Abb Panel Builder 800
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2018-2908 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.7
EPSS
1.8%
CVE-2018-2882 HIGH PATCH This Week

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Interfaces). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Micros Retail J
NVD
CVSS 3.0
7.7
EPSS
1.0%
CVE-2018-2926 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Nvidia Denial Of Service Solaris
NVD
CVSS 3.0
7.6
EPSS
1.4%
CVE-2018-0372 HIGH This Week

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-0346 HIGH This Week

A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco Vbond Orchestrator Vedge Plus +10
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-2996 HIGH PATCH This Week

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Manager
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-2957 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Logging). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Opera Property Management
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2018-2944 HIGH PATCH This Week

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnostics). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2018-2918 HIGH PATCH This Week

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Oracle Information Disclosure Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-14371 HIGH PATCH This Week

The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Java Path Traversal Mojarra
NVD GitHub
CVSS 3.0
7.5
EPSS
4.4%
CVE-2018-2990 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
7.4
EPSS
2.2%
CVE-2018-2966 HIGH PATCH This Week

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Primavera Unifier
NVD
CVSS 3.0
7.4
EPSS
1.2%
CVE-2018-2920 HIGH PATCH This Week

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
7.4
EPSS
1.2%
CVE-2018-0348 HIGH This Week

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Vbond Orchestrator Vedge Plus Vedge Pro +9
NVD
CVSS 3.1
7.2
EPSS
2.9%
CVE-2018-0344 HIGH This Week

A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Vbond Orchestrator Vedge Plus Vedge Pro +9
NVD
CVSS 3.0
7.2
EPSS
2.0%
CVE-2018-10871 HIGH This Week

389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 389 Directory Server Debian Linux
NVD
CVSS 3.0
7.2
EPSS
1.0%
CVE-2018-3104 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.5%
CVE-2018-3103 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.5%
CVE-2018-3102 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.5%
CVE-2018-3099 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.5%
CVE-2018-3098 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3097 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3096 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3095 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3094 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3093 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3092 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
1.8%
CVE-2018-3064 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation +5
NVD
CVSS 3.1
7.1
EPSS
3.2%
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy