CVE-2017-10372

Summary of CVE-2017-10372 (Oracle Hospitality Guest Access) : A vulnerability in the Oracle Hospitality Guest Access component (Base) of Oracle Hospitality Applications affects versions 4.2.0 and 4.2.1. The issue enables a high-privilege attacker who has network access via HTTP to compromise Gues...

CVE-2017-10260

Vulnerability in the Oracle Integrated Lights Out Manager ILOM component of Oracle Sun Systems Products Suite subcomponent: System Management. The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Vulnerability in Oracle Fusion Middleware Oracle Virtual Directory Component

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other capabilities.Oracle Virtual Directory is one of the virtual directory components. A security...

The vulnerability of the rollback protection system in the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Android operating system from the CAF repository is caused by unauthorized access to the indexed resource. Exploiting this vulnerability allows a malicious actor, operating remotely, to use the offset value beyond its permitted range within the system’s rollback protectio...

The vulnerability of the Linux operating system’s kernel, which arises due to the lack of checks for buffer length, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Linux operating system’s kernel arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to trigger buffer overflows and compromise the confidentiality, integrity, and accessibility of protect...

KLA11095 Denial of service vulnerability in Wireshark

A buffer overflow vulnerability was found in the Profinet I/O dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a...

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2017-28400)

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments; Java SE Embedded is a Java platform for the developmen...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2017-17515)

VirtualBox is cross-platform virtualization software for x86-based systems. A security vulnerability exists in the Core component implementation of Oracle VM VirtualBox versions prior to 5.1.24, which can be exploited by attackers to compromise system integrity and availability...

Oracle Java SE/JRockit Remote Vulnerability (CNVD-2017-18171)

Java SE is short for Java Platform Standard Edition, based on the JDK and JRE, for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE/JRockit has a security vulnerability in its implementation that allows an attacker t...

KLA11068 Denial of Service Vulnerability in Microsoft .NET Framework

An improper handling of web requests has been found in Microsoft Common Object Runtime Library. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited by issuing specially designed requests to the .NET web application. Original advisori...

Oracle Database Server Remote Vulnerability (CNVD-2017-06088)

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. A remote security vulnerability exists in the Oracle Database Server OJVM component, which can be exploited by a remote attacker to...

Oracle FLEXCUBE Universal Banking Remote Vulnerability (CNVD-2017-06017)

Oracle Retail Applications is an e-commerce solution. A security vulnerability exists in the Oracle FLEXCUBE Universal Banking component, which can be exploited by remote attackers to compromise system availability...

The vulnerability of the Android operating system, which allows a perpetrator to affect the integrity, accessibility, and confidentiality of information.

The vulnerability in the access control system for Android operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain incorrect check values for the memory range check from the access control...

KLA10947 Denial of service vulnerability in Kaspersky products

Vulnerability was found in window broadcast message handling functionality of Kaspersky products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally via a specially designed unhandled window messages, which cause termination...

KLA10928 Denial of service vulnerabilities in PHP

Multiple serious vulnerabilities have been found in PHP through 5.6.27 and 7.x through 7.0.12. Malicious users can exploit these vulnerabilities to cause a denial of service. Other unspecified impacts are also possible. Below is a complete list of vulnerabilities: 1. Mishandling of property...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2016-09909)

Oracle MySQL is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost and good reliability. A security vulnerability exists in the Oracle MySQL Server: Error Handling subcomponent. An attacker can exploit this...

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded Components (CNVD-2016-09780)

Oracle Java SE and Java SE Embedded are both products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, as well as embedded devices and real-time environments; Java SE Embedded is a Java platform for the developmen...

KLA10878 Denial of service vulnerability in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome before 53.0.2785.143. Malicious users can exploit these vulnerabilities to cause denial of service or possibly conduct other unknown impacts. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in V8 can be...

Vulnerability of the Java Platform software platform, which allows attackers to compromise the confidentiality, integrity, and accessibility of information

The vulnerability of the Java Platform-related software is associated with errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of information through actions related to installation...

CVE-2016-5446

Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure...