CVE-2018-3006

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

CVE-2018-3050

CVE-2018-3050 affects the Oracle Financial Services Applications’ Banking Corporate Lending component (subcomponent: Core module). Affected versions are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. The vulnerability enables a low-privilege attacker with network access via HTTP to compromise Oracle ...

CVE-2018-3036

CVE-2018-3036 affects Oracle Financial Services Applications’ Banking Corporate Lending component (Core). Affected versions: 12.3.0, 12.4.0, 12.5.0, 14.0.0, 14.1.0. The CNVD entry attributes the issue to an access-control error; NVD details describe unauthorized read, update, insert/delete, and p...

CVE-2018-2984

Summary (CVE-2018-2984) : The vulnerability affects the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications, specifically the Gangway Activity Web App, in version 9.x. The issue allows a low-privileged attacker who can reach the system over HTTP to compr...

CVE-2018-2946

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

CVE-2018-3070

CVE-2018-3070 affects Oracle MySQL Server (MySQL client mysqldump component). Affected versions are 5.5.60 and earlier, 5.6.40 and earlier, and 5.7.22 and earlier. The vulnerability is described as easily exploitable, requiring network access via multiple protocols, and can allow a low-privileged...

CVE-2018-2963

CVE-2018-2963 affects Oracle Primavera P6 Enterprise Project Portfolio Management (P6 EPPM) Web Access; affected versions are 8.4, 15.x and 16.x. The vulnerability enables a low-privileged, network-remote attacker (via HTTP) to read a subset of data from P6 EPPM. The available documents do not sp...

CVE-2018-3015

CVE-2018-3015 affects Oracle FLEXCUBE Universal Banking (Infrastructure subcomponent). Affected versions: 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0, and 14.1.0. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracl...

CVE-2018-2916

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

CVE-2018-3089

CVE-2018-3089 affects Oracle VM VirtualBox (Core) before version 5.2.16. The vulnerability allows an unauthenticated attacker with access to the infrastructure running VirtualBox to compromise the VM software, with exploits requiring user interaction. The CVSSv3 base score is 8.6 (HIGH) with Loca...

CVE-2018-3009

CVE-2018-3009 affects Oracle Outside In Technology (Outside In Filters) used by Oracle Fusion Middleware; the IBM and CVE records indicate the affected product area is Outside In Technology version 8.5.3. The vulnerability is described as unauthenticated remote access via HTTP with network access...

CVE-2018-3042

CVE-2018-3042 affects the Oracle Financial Services Applications Banking Corporate Lending component (Core module). Affected versions: 12.3.0, 12.4.0, 12.5.0, 14.0.0, 14.1.0. Root cause cited as an access control error allowing a low-privileged, network-accessible attacker (via HTTP) to update/in...

CVE-2018-3040

CVE-2018-3040 affects Oracle Financial Services Applications – Banking Corporate Lending component (Core module). Affected versions include 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Several connected sources describe an access-control error vulnerability that can cause a denial of service (hang ...

CVE-2018-3041

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...

CVE-2018-3085

CVE-2018-3085 affects Oracle VM VirtualBox (component: Core) and is fixed in VirtualBox 5.2.16. The vulnerability allows an unauthenticated user with logon to the infrastructure hosting VirtualBox to compromise the VM software; exploitation requires user interaction. Impact includes unauthorized ...

CVE-2018-3056

CVE-2018-3056 affects Oracle MySQL Server: Security: Privileges. Affected versions are MySQL 5.7.22 and earlier and 8.0.11 and earlier. An attacker with network access via multiple protocols can cause unauthorized read access to a subset of MySQL data. Remediation identified in connected advisori...

CVE-2018-2963

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 8.4, 15.x and 16.x. Easily exploitable vulnerability allows low privileged attacker with network acce...

CVE-2018-2981

The CVE-2018-2981 entry describes a vulnerability in Oracle FLEXCUBE Universal Banking (Infrastructure) affecting multiple supported versions (11.3.0, 11.4.0, 12.0.1–12.4.0, 14.0.0, 14.1.0). A low-privilege, network-accessible attacker can exploit HTTP to compromise data. Impact includes unauthor...

CVE-2018-2940

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

CVE-2018-3063

CVE-2018-3063 is a MySQL/MariaDB Server vulnerability in the Privileges subcomponent. Affected products include MySQL/MariaDB Server versions up to 5.5.60 and earlier. The vulnerability is exploitable by a high-privileged attacker with network access via multiple protocols and can lead to a hang ...