Skip to main content
CVE-2019-2721 HIGH POC PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Oracle Vm Virtualbox
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.2%
CVE-2019-11471 HIGH POC PATCH This Week

libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Use After Free Information Disclosure Memory Corruption Libheif
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2019-2578 HIGH POC PATCH THREAT This Week

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
8.6
EPSS
72.4%
CVE-2019-11487 HIGH POC PATCH This Week

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Use After Free Linux Memory Corruption Linux Kernel +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-7303 HIGH POC This Week

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linux Canonical Information Disclosure Snapd Ubuntu Linux
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
3.7%
CVE-2019-2616 HIGH POC KEV PATCH THREAT This Week

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Oracle Business Intelligence Publisher
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
92.2%
CVE-2019-10710 HIGH This Week

Insecure permissions in the Web management portal on all IP cameras based on Hisilicon Hi3510 firmware allow authenticated attackers to receive a network's cleartext WiFi credentials via a specific. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hi3510 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2019-2723 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2019-2722 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-2703 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2019-2696 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2019-2680 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2019-2656 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2019-2598 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: SQR). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
8.7
EPSS
1.3%
CVE-2019-2706 HIGH PATCH This Week

Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: BPM Foundation Services). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Process Management Suite
NVD
CVSS 3.0
8.2
EPSS
2.1%
CVE-2019-2705 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2682 HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass File Upload Oracle Applications Framework
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2677 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2675 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Crm Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2671 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Crm Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2665 HIGH PATCH This Week

Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Common Applications
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2664 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2663 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2662 HIGH PATCH This Week

Vulnerability in the Oracle Territory Management component of Oracle E-Business Suite (subcomponent: Territory Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Territory Management
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2019-2661 HIGH PATCH This Week

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Email Center
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2660 HIGH PATCH This Week

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: Setup, Admin). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2655 HIGH PATCH This Week

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite (subcomponent: Business Intelligence (OLTP)). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Interaction Center Intelligence
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2654 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2653 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2652 HIGH PATCH This Week

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2651 HIGH PATCH This Week

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Email Center
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2643 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2642 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2641 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2640 HIGH PATCH This Week

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Trade Management
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2639 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Crm Technical Foundation
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2619 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2604 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2603 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2600 HIGH PATCH This Week

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Email Center
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2595 HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2590 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products (subcomponent: Job Opening). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Human Capital Management Talent Acquisition Manager
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2019-2583 HIGH PATCH This Week

Vulnerability in the Oracle iSupplier Portal component of Oracle E-Business Suite (subcomponent: Attachments). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Isupplier Portal
NVD
CVSS 3.0
8.2
EPSS
1.2%
CVE-2019-2551 HIGH PATCH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2019-2516 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2698 HIGH POC PATCH THREAT This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Java Information Disclosure Oracle Jdk Jre +13
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
12.0%
CVE-2019-2697 HIGH POC PATCH THREAT This Week

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Java Information Disclosure Oracle Jdk Jre +8
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
11.5%
CVE-2019-2690 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.8).

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-2657 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-2601 HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.0
7.6
EPSS
1.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy