Skip to main content
CVE-2019-3019 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications (component: Loan Calculator). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Banking Digital Experience
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-15282 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine Software
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-3027 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Application Object Library
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-3012 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2019-3001 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: eProcurement). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Scm Eprocurement
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2019-2993 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2935 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-2924 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2923 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2922 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2920 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2888 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
5.2%
CVE-2019-2765 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.3).

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2019-12703 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Spa122 Firmware
NVD
CVSS 3.1
5.2
EPSS
0.4%
CVE-2019-2939 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2913 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-3003 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2019-2998 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2997 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2982 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2968 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2963 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2960 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2019-2957 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2019-2950 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
3.1%
CVE-2019-2948 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2019-15281 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine Software
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-15280 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-15269 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Firepower Management Center 2600 Firmware Firepower Appliance 7030 Firmware Firepower Appliance 7110 Firmware +31
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2019-15268 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Firepower Management Center 2600 Firmware Firepower Appliance 7030 Firmware Firepower Appliance 7110 Firmware +31
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2019-2977 MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +8
NVD
CVSS 3.1
4.8
EPSS
2.6%
CVE-2019-2975 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +16
NVD
CVSS 3.1
4.8
EPSS
3.3%
CVE-2019-11281 MEDIUM This Month

Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Rabbitmq Openstack Openstack For Ibm Power Debian Linux +1
NVD
CVSS 3.1
4.8
EPSS
1.2%
CVE-2019-3024 MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Installed Base
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2019-3023 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Stylesheet). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2019-2999 MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +17
NVD
CVSS 3.1
4.7
EPSS
2.7%
CVE-2019-2930 MEDIUM PATCH This Month

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Wireless). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Field Service
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2019-2883 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
4.6
EPSS
0.7%
CVE-2019-15962 MEDIUM This Month

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Collaboration Endpoint
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-15273 MEDIUM This Month

Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to overwrite arbitrary files. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Collaboration Endpoint
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-15266 MEDIUM This Month

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cisco Wireless Lan Controller Software
NVD
CVSS 3.1
4.4
EPSS
0.7%
CVE-2019-3018 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.4
EPSS
2.1%
CVE-2019-3009 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.4
EPSS
2.5%
CVE-2019-2938 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL MariaDB Fedora +6
NVD
CVSS 3.1
4.4
EPSS
3.0%
CVE-2019-16698 MEDIUM PATCH This Month

The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user (with restricted permissions to the fe_users table) to view and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Direct Mail
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-3015 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-2951 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: US Federal Specific). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2019-2925 MEDIUM PATCH This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Workflow
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-2898 MEDIUM PATCH This Month

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-2887 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
4.3
EPSS
1.2%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy