Skip to main content
CVE-2019-10711 HIGH This Week

Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware (until Webware version V1.0.1) allows attackers to view an RTSP stream by connecting to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hi3510 Firmware
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-2650 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
39.3%
CVE-2019-2649 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
39.3%
CVE-2019-2648 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-2647 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2019-2632 HIGH PATCH This Week

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-2602 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Java Denial Of Service Oracle Jdk Jre +14
NVD
CVSS 3.1
7.5
EPSS
7.4%
CVE-2019-2567 HIGH PATCH This Week

Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite (subcomponent: Active Model Generation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Configurator
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-2565 HIGH PATCH This Week

Vulnerability in the JD Edwards World Technical Foundation component of Oracle JD Edwards Products (subcomponent: Service Enablement). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Jd Edwards World Technical Foundation
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-2518 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Information Disclosure Oracle Database Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-0223 HIGH This Week

While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Apache Qpid Jboss Amq Clients 2 +8
NVD
CVSS 3.1
7.4
EPSS
6.2%
CVE-2019-2679 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.0
7.3
EPSS
0.5%
CVE-2019-2608 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-2558 HIGH PATCH This Week

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Retail Point Of Service
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-2424 HIGH PATCH This Week

Vulnerability in the Oracle Retail Convenience Store Back Office component of Oracle Retail Applications (subcomponent: Level 3 Maintenance Functions). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Oracle Retail Convenience Store Back Office
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2019-11486 HIGH PATCH This Week

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. Rated high severity (CVSS 7.0).

Race Condition Linux Siemens Information Disclosure Linux Kernel +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy