PHP out-of-bounds read vulnerability (CNVD-2018-09229)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...

CVE-2018-2864

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

ALPINE-CVE-2018-2813

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2018-2789

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM subcomponent: Services. The supported version that is affected is 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Whi...

CVE-2018-2587

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware subcomponent: Web Server Plugin. Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2018-2742

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite subcomponent: Framework. Supported versions that are affected are 12.2.2 and 12.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2572

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite subcomponent: Installation. Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

Exiv2 BigTiffImage::readData Assertion Failure Vulnerability

Exiv2 is a C++ library for extracting EXIF, LPTC and XMP metadata information from images. An assertion failure security vulnerability exists in Exiv2 version 0.26 bigtiffimage.cpp/BigTiffImage::readData, which can be exploited by an attacker to cause a service interruption...

CVE-2017-14464

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

Microsoft Windows kernel local information disclosure vulnerability (CNVD-2018-05062)

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the operating system kernels. An information disclosure vulnerability exists in the Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on to an...

IBM Tealeaf Customer Experience Session Vulnerability

IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

CVE-2016-2983

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999...

CVE-2018-2712

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2018-2719

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

CVE-2018-2681

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products subcomponent: Security. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-2682

Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

CVE-2018-2653

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Connected Query. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2643

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: Case Selection. Supported versions that are affected are 7.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus...

CVE-2018-2631

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 6.2.11, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low...

CVE-2018-2610

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion subcomponent: Access and security. The supported version that is affected is 11.1.2.4.330. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion...