Skip to main content
CVE-2018-3055 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Vm Virtualbox
NVD
CVSS 3.0
7.1
EPSS
0.5%
CVE-2018-3010 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
2.3%
CVE-2018-3009 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
2.3%
CVE-2018-3002 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
7.1
EPSS
0.5%
CVE-2018-3000 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
7.1
EPSS
0.6%
CVE-2018-2992 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Authentication Bypass Outside In Technology
NVD
CVSS 3.0
7.1
EPSS
35.5%
CVE-2018-2978 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Oracle Denial Of Service Authentication Bypass Hospitality Simphony
NVD
CVSS 3.0
7.1
EPSS
1.7%
CVE-2018-2932 HIGH PATCH This Week

Vulnerability in the Oracle SuperCluster Specific Software component of Oracle Sun Systems Products Suite (subcomponent: SuperCluster Virtual Assistant). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Supercluster Specific Software
NVD
CVSS 3.0
7.1
EPSS
1.9%
CVE-2018-2954 HIGH PATCH This Week

Vulnerability in the Oracle Order Management component of Oracle E-Business Suite (subcomponent: Product Diagnostic Tools). Rated high severity (CVSS 7.0).

Oracle Information Disclosure Order Management
NVD
CVSS 3.0
7.0
EPSS
0.4%
CVE-2018-2988 MEDIUM PATCH This Month

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Products). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.0
6.9
EPSS
1.9%
CVE-2018-0342 MEDIUM This Month

A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Cisco Vbond Orchestrator +11
NVD
CVSS 3.0
6.7
EPSS
0.5%
CVE-2018-2888 MEDIUM PATCH This Month

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Rated medium severity (CVSS 6.7).

Oracle Microsoft Denial Of Service Authentication Bypass Micros Retail J
NVD
CVSS 3.0
6.7
EPSS
0.5%
CVE-2018-0393 MEDIUM This Month

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Mobility Services Engine 3365 Firmware Mobility Services Engine 3355 Firmware Mobility Services Engine 3310 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2018-10877 MEDIUM PATCH This Month

Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Ubuntu Linux Linux Kernel +2
NVD
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-3073 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation +2
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2018-3070 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.0
6.5
EPSS
3.6%
CVE-2018-3065 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.0
6.5
EPSS
3.7%
CVE-2018-3060 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2018-3041 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Enterprise Limits And Collateral Management
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-3040 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Corporate Lending
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-3030 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Investor Servicing
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-3022 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Payments
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-3014 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Reports). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Opera Property Management
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-3013 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Report Server Config). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hospitality Opera Property Management
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-2979 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Universal Banking
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-2977 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.5
EPSS
2.5%
CVE-2018-2968 MEDIUM PATCH This Month

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Primavera Unifier
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-2947 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-2925 MEDIUM PATCH This Month

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-2904 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications EAGLE LNP Application Processor component of Oracle Communications Applications (subcomponent: GUI). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Communications Eagle Local Number Portability Application Processor
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-3053 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Internal Operations). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.0
6.4
EPSS
1.1%
CVE-2018-3052 MEDIUM PATCH This Month

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications (subcomponent: Internal Operations). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Micros Relate Customer Relationship Management Software
NVD
CVSS 3.0
6.4
EPSS
1.1%
CVE-2018-3091 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.0
6.3
EPSS
0.6%
CVE-2018-3037 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Enterprise Limits And Collateral Management
NVD
CVSS 3.0
6.3
EPSS
1.4%
CVE-2018-3036 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Corporate Lending
NVD
CVSS 3.0
6.3
EPSS
1.4%
CVE-2018-3028 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Investor Servicing
NVD
CVSS 3.0
6.3
EPSS
1.4%
CVE-2018-3020 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Banking Payments
NVD
CVSS 3.0
6.3
EPSS
1.4%
CVE-2018-2974 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Universal Banking
NVD
CVSS 3.0
6.3
EPSS
1.4%
CVE-2018-2881 MEDIUM PATCH This Month

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Database). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Micros Retail J
NVD
CVSS 3.0
6.3
EPSS
0.9%
CVE-2018-3003 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Fleet Management
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-3001 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-2951 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Configuration Manager). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-0401 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Contact Center Express Unified Ip Interactive Voice Response
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-0400 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Contact Center Express Unified Ip Interactive Voice Response
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-0396 MEDIUM This Month

A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager Im And Presence Service
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2018-0390 MEDIUM This Month

A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Webex Meetings
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-14380 MEDIUM PATCH This Month

In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Graylog
NVD GitHub
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-5232 MEDIUM This Month

The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian XSS Jira Jira Server
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-3068 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Compensation). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.0
6.1
EPSS
1.5%
CVE-2018-3006 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.0
6.1
EPSS
1.5%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy