CVE-2018-3301

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-3178

Vulnerability in the Hyperion Common Events component of Oracle Hyperion subcomponent: User Interface. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Common Events. Successful...

CVE-2018-3175

Vulnerability in the Hyperion Common Events component of Oracle Hyperion subcomponent: User Interface. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Common Events. Successful...

CVE-2018-2887

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications subcomponent: Back Office. Supported versions that are affected are 13.0.0 and 12.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS Retail-J. Successf...

UBUNTU-CVE-2018-3136

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

UBUNTU-CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

Huawei Mobile Phone Input Validation Vulnerability

Huawei Mate 10 ALP-L09 is a smartphone product of Chinese company Huawei Huawei. An input validation vulnerability exists in the Huawei Mate 10 ALP-L09 phone due to a lack of parameter checking. An attacker induces a user who has gained root privileges to install a carefully crafted application,...

CVE-2018-2450

SAP MaxDB liveCache, versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database...

WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change)

WityCMS 0.6.2 - Cross-Site Request Forgery Password Change input type="hidden" name="groupe"...

CVE-2018-3006

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

CVE-2018-2981

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable...

CVE-2018-2974

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable...

CVE-2018-2950

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2018-11036

Ruckus SmartZone formerly Virtual SmartCell Gateway or vSCG 3.5.0, 3.5.1, 3.6.0, and 3.6.1 Essentials and High Scale on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data...

CVE-2018-11036

Ruckus SmartZone formerly Virtual SmartCell Gateway or vSCG 3.5.0, 3.5.1, 3.6.0, and 3.6.1 Essentials and High Scale on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data...

School Management System CMS 1.0 - username SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: School Management System CMS 1.0 - Admin Login SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/school-management-system-in-php-and-mysql/5...

CVE-2018-2876

Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications subcomponent: RIB KernalApache Commons Collections. The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

CVE-2018-2857

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-2587

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware subcomponent: Web Server Plugin. Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...