Skip to main content
CVE-2019-2642 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2641 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2640 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2639 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Crm Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2619 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2604 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2603 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2600 HIGH PATCH This Week

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Email Center
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2595 HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2590 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products (subcomponent: Job Opening). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Human Capital Management Talent Acquisition Manager
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2019-2583 HIGH PATCH This Week

Vulnerability in the Oracle iSupplier Portal component of Oracle E-Business Suite (subcomponent: Attachments). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Isupplier Portal
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2019-2551 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2516 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2698 HIGH POC PATCH THREAT This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Java Information Disclosure Oracle Jdk Jre +13
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
12.0%
CVE-2019-2697 HIGH POC PATCH THREAT This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Java Information Disclosure Oracle Jdk Jre +8
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
11.5%
CVE-2019-2690 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.8).

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-2657 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-2601 HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
1.0%
CVE-2019-10711 HIGH This Week

Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware (until Webware version V1.0.1) allows attackers to view an RTSP stream by connecting to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hi3510 Firmware
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-2650 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
39.3%
CVE-2019-2649 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
39.3%
CVE-2019-2648 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-2647 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2019-2632 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-2602 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Java Denial Of Service Oracle Jdk Jre +14
NVD
CVSS 3.1
7.5
EPSS
7.4%
CVE-2019-2567 HIGH PATCH This Week

Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite (subcomponent: Active Model Generation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Configurator
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-2565 HIGH PATCH This Week

Vulnerability in the JD Edwards World Technical Foundation component of Oracle JD Edwards Products (subcomponent: Service Enablement). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Jd Edwards World Technical Foundation
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-2518 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Information Disclosure Oracle Database Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-0223 HIGH This Week

While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Apache Qpid Jboss Amq Clients 2 +8
NVD
CVSS 3.1
7.4
EPSS
6.2%
CVE-2019-2679 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.5%
CVE-2019-2608 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-2558 HIGH PATCH This Week

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Retail Point Of Service
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-2424 HIGH PATCH This Week

Vulnerability in the Oracle Retail Convenience Store Back Office component of Oracle Retail Applications (subcomponent: Level 3 Maintenance Functions). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Oracle Retail Convenience Store Back Office
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-11486 HIGH PATCH This Week

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. Rated high severity (CVSS 7.0).

Race Condition Linux Siemens Information Disclosure Linux Kernel +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
CVE-2019-10688 MEDIUM This Month

VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Unified Communications Software Better Together Over Ethernet Connector
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2019-2594 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Application Server). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.8
EPSS
1.1%
CVE-2019-2571 MEDIUM PATCH This Month

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
6.6
EPSS
1.1%
CVE-2019-2713 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce (subcomponent: Asset Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Commerce Merchandising
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2019-2695 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2694 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2693 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2678 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-2613 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2612 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2611 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2610 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-2609 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-2574 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-11474 MEDIUM PATCH This Month

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Graphicsmagick Fedora Debian Linux Ubuntu Linux +2
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2019-11473 MEDIUM PATCH This Month

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Information Disclosure Graphicsmagick
NVD
CVSS 3.0
6.5
EPSS
2.4%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy