59 matches found
CVE-2020-14632
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
Oracle Solaris Critical Patch Update : apr2020_SRU11_3_36_20_0
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Common Desktop Environment. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileg...
Design/Logic Flaw
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: Security. Supported versions that are affected are 9.3.3, 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attac...
CVE-2020-2951
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
Design/Logic Flaw
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Core Components. The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server...
Denial Of Service (Dos)
mysql is vulnerable to denial of service. An easily exploitable vulnerability allows a high privileged attacker to crash the server...
Denial Of Service (Dos)
mysql is vulnerable to denial of service. An easily exploitable vulnerability allows a high privileged attacker to crash the server...
Design/Logic Flaw
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: EJB Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...
CVE-2018-3064
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2018-2903
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
CVE-2018-3026
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-2781
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...
CVE-2018-2667
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
CVE-2017-10000
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...
CVE-2017-10201
Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications subcomponent: Other. The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality e7 executes to...
CVE-2017-3309
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple...
CVE-2017-3316
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
Solaris 10 (x86) : 127873-02 (deprecated)
Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: mailx1. Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, inse...
Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under.
I. DESCRIPTION Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under. II. DETAILS Due to poor design the genrandstring can only generate upto 1 million hashes or random strings. This allow an attacker to reset any account through the lost password request form by...