CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2017/10/19 5:29 p.m.•3 views

CVE-2017-10367

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.4CVSS5.8AI score

Exploits0References2

OSV•added 2017/10/19 5:29 p.m.•2 views

CVE-2017-10336

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...

5.3CVSS7.3AI score

OSV•added 2017/10/19 5:29 p.m.•2 views

CVE-2017-10161

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite subcomponent: Web Services Security. Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTT...

4.8CVSS7.3AI score0.00407EPSS

Exploits0References2

OpenVAS•added 2017/10/18 12:0 a.m.•46 views

Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescription...

7.1CVSS7.3AI score0.01939EPSS

Exploits6References2

OSV•added 2017/10/03 1:29 a.m.•2 views

CVE-2017-1311

IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719...

8.8CVSS5.9AI score0.00615EPSS

RedHat Linux•added 2017/09/21 7:42 a.m.•1 views

mysql: Client programs unspecified vulnerability (CPU Jul 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...

5.3CVSS7.1AI score0.00087EPSS

Exploits0References5

5.3CVSS5.6AI score0.00087EPSS

ALPINE-CVE-2017-3636

Exploits0References1

CVE-2017-10256

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products subcomponent: EPPCMHIERTOP. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...

6.1CVSS5.8AI score

6.1CVSS7.3AI score0.00463EPSS

CVE-2017-10249

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Integration Broker. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2017-10255

6.1CVSS7.3AI score

6.1CVSS7.3AI score0.00463EPSS

CVE-2017-10248

CVE-2017-10206

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...

7.3CVSS7.3AI score

CVE-2017-10179

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are AMP 12.1.0.4.0 and AMP 13.1.1.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ...

6.5CVSS7.3AI score

6.1CVSS7.3AI score0.00463EPSS

CVE-2017-10172

Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications subcomponent: Framework. Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

CVE-2017-10030

Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...

8.2CVSS7.3AI score

CVE-2017-10040

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware subcomponent: Content Server. Supported versions that are affected are 11.1.1.9.0 and 12.2.1.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

8.2CVSS7.3AI score

CVE-2017-10005

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

6.1CVSS7.3AI score

6.1CVSS5.8AI score0.00463EPSS

CVE-2017-10021

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Search. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...