CVE-2018-2916

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

CVE-2018-3015

CVE-2018-3015 affects Oracle FLEXCUBE Universal Banking (Infrastructure subcomponent). Affected versions: 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0, and 14.1.0. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracl...

CVE-2018-3009

CVE-2018-3009 affects Oracle Outside In Technology (Outside In Filters) used by Oracle Fusion Middleware; the IBM and CVE records indicate the affected product area is Outside In Technology version 8.5.3. The vulnerability is described as unauthenticated remote access via HTTP with network access...

CVE-2018-2984

Summary (CVE-2018-2984) : The vulnerability affects the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications, specifically the Gangway Activity Web App, in version 9.x. The issue allows a low-privileged attacker who can reach the system over HTTP to compr...

CVE-2018-2979

CVE-2018-2979 affects Oracle FLEXCUBE Universal Banking (Infrastructure) across multiple supported versions (11.3.0, 11.4.0, 12.x up to 14.1.0). The vulnerability is a Denial of Service: a low-privileged attacker with network access via HTTP can cause a hang or frequent crash of the system. CVSS ...

CVE-2018-3050

CVE-2018-3050 affects the Oracle Financial Services Applications’ Banking Corporate Lending component (subcomponent: Core module). Affected versions are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. The vulnerability enables a low-privilege attacker with network access via HTTP to compromise Oracle ...

CVE-2018-3010

CVE-2018-3010 involves Oracle Outside In Technology (Outside In Filters) in Oracle Fusion Middleware. Affected is Outside In Technology version 8.5.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise data and potentially cause a partial denial of ser...

CVE-2018-3041

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...

CVE-2018-3042

CVE-2018-3042 affects the Oracle Financial Services Applications Banking Corporate Lending component (Core module). Affected versions: 12.3.0, 12.4.0, 12.5.0, 14.0.0, 14.1.0. Root cause cited as an access control error allowing a low-privileged, network-accessible attacker (via HTTP) to update/in...

CVE-2018-3040

CVE-2018-3040 affects Oracle Financial Services Applications – Banking Corporate Lending component (Core module). Affected versions include 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Several connected sources describe an access-control error vulnerability that can cause a denial of service (hang ...

CVE-2018-3088

CVE-2018-3088 is a vulnerability in the Oracle VM VirtualBox Core component (part of Oracle Virtualization) affecting versions prior to 5.2.16. Public records in connected docs confirm the issue is addressed by upgrading VirtualBox to 5.2.16 (e.g., openSUSE/Mageia advisories) and describe the exp...

CVE-2018-3086

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2018-3085

CVE-2018-3085 affects Oracle VM VirtualBox (component: Core) and is fixed in VirtualBox 5.2.16. The vulnerability allows an unauthenticated user with logon to the infrastructure hosting VirtualBox to compromise the VM software; exploitation requires user interaction. Impact includes unauthorized ...

CVE-2018-3089

CVE-2018-3089 affects Oracle VM VirtualBox (Core) before version 5.2.16. The vulnerability allows an unauthenticated attacker with access to the infrastructure running VirtualBox to compromise the VM software, with exploits requiring user interaction. The CVSSv3 base score is 8.6 (HIGH) with Loca...

CVE-2018-3087

CVE-2018-3087 affects Oracle VM VirtualBox (Core) and is fixed by upgrading to VirtualBox 5.2.16. The vulnerability is Local (attack vector: LOCAL), requires user interaction, and can lead to takeover of Oracle VM VirtualBox with High impact on confidentiality, integrity, and availability. Root c...

CVE-2018-2970

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Search Functionality. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2018-3053

The CVE-2018-3053 vulnerability affects Oracle Retail Customer Management and Segmentation Foundation (Oracle Retail Applications) subcomponent Internal Operations, with affected versions 16.x and 17.x. The issue appears to be an access-control weakness that an attacker with network access over H...

CVE-2018-2963

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 8.4, 15.x and 16.x. Easily exploitable vulnerability allows low privileged attacker with network acce...

CVE-2018-3052

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 10.8.x and 11.4.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS...

CVE-2018-2939

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS...