Lucene search
K

924 matches found

OSV
OSV
added 2017/04/24 7:59 p.m.3 views

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle...

3.1CVSS5.8AI score0.0152EPSS
Exploits0References3
OSV
OSV
added 2017/04/24 7:59 p.m.2 views

CVE-2017-3598

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware subcomponent: Advanced UI. Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP t...

3.1CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2017/04/24 7:59 p.m.3 views

CVE-2017-3579

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with...

6.1CVSS5.8AI score0.01356EPSS
Exploits0References3
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3517

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime SEC. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3513

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM...

2.5CVSS5.8AI score0.00363EPSS
Exploits0References3
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3469

Vulnerability in the MySQL Workbench component of Oracle MySQL subcomponent: Workbench: Security : Encryption. Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

3.7CVSS5.8AI score0.00982EPSS
Exploits0References3
OSV
OSV
added 2017/04/24 7:59 p.m.1 views

UBUNTU-CVE-2017-3513

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM...

2.5CVSS6.7AI score0.00363EPSS
Exploits0References2
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

UBUNTU-CVE-2017-3469

Vulnerability in the MySQL Workbench component of Oracle MySQL subcomponent: Workbench: Security : Encryption. Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

3.7CVSS5.7AI score0.00982EPSS
Exploits0References3
CNVD
CNVD
added 2017/04/20 12:0 a.m.1 views

Apache Tomcat Information Disclosure Vulnerability (CNVD-2017-05037)

Apache Tomcat is the United States Apache Apache Software Foundation under the Jakarta project of a lightweight Web application server , it is mainly used for the development and debugging of JSP programs for small and medium-sized systems. A security vulnerability exists in the handling of...

7.5CVSS8.6AI score0.1684EPSS
Exploits0References1
OSV
OSV
added 2017/04/14 4:59 p.m.3 views

CVE-2016-8926

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539...

4.3CVSS5.8AI score0.00832EPSS
Exploits0References1
OSV
OSV
added 2017/04/12 2:59 p.m.5 views

CVE-2017-2989

Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database...

9.1CVSS5.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/02/09 12:0 a.m.6 views

Vulnerability of the Java Platform software platform, which allows a perpetrator to gain access to data for reading purposes

The vulnerability of the Java Mission Control component of the Java Platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain read access to data through network packets...

5CVSS6.2AI score0.02054EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/02/09 12:0 a.m.8 views

Vulnerability of the Java Platform software platform, which allows a perpetrator to gain access to data for reading purposes

The vulnerability of the Networking component of the Java Platform is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to data through network packets...

4.3CVSS6.7AI score0.02499EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/02/09 12:0 a.m.5 views

Vulnerability of the Java Platform software platform, which allows a perpetrator to gain access to data for reading purposes

The vulnerability of the Java Platform’s networking software components is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to data through network packets...

4.3CVSS6.7AI score0.02166EPSS
Exploits0References3
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2017-3300

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Multichannel Framework. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS7.3AI score0.01593EPSS
Exploits2References4
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2016-8299

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with...

6.3CVSS7.3AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/01/27 10:59 p.m.3 views

CVE-2016-8307

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS5.3AI score0.01631EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2017/01/19 1:59 p.m.3 views

JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

4.3CVSS5.8AI score0.02162EPSS
Exploits0References5
OSV
OSV
added 2017/01/18 12:0 a.m.4 views

UBUNTU-CVE-2017-3231

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS6.7AI score0.02166EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.5 views

php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input

The exifprocessIFDinJPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted header data...

9.8CVSS7.4AI score0.12179EPSS
Exploits1References4
Rows per page
Query Builder