CVE-2018-2586

Summary: CVE-2018-2586 affects the MySQL Server component (Server: DML) in Oracle MySQL. Public sources confirm vulnerable versions up to 5.7.20; patched in 5.7.21 across multiple distributions (e.g., Fedora 26/26 updates, Red Hat RHSA-2018:0586, Debian/Ubuntu advisories). The root cause is a vul...

CVE-2018-2589

CVE-2018-2589 affects the Oracle Hospitality Simphony Enterprise Server component, impacting versions 2.7, 2.8 and 2.9. An unauthenticated attacker with network access over HTTP can compromise confidentiality and potentially access all Oracle Hospitality Simphony data. The CVSSv3 base score is 7....

CVE-2018-2603

CVE-2018-2603 is an OpenJDK/Oracle Java Libraries vulnerability: unbounded memory allocation when reading DER-encoded input in the Libraries (and related JNDI/AWT/JMX contexts). This can allow an unauthenticated attacker with network access via multiple protocols to cause a partial denial of serv...

CVE-2018-2609

CVE-2018-2609 affects Oracle Agile PLM Security in Oracle Supply Chain Products Suite, with affected versions 9.3.5 and 9.3.6. The vulnerability allows an unauthenticated, network-accessible attacker (via HTTP) to compromise data confidentiality and integrity, potentially enabling unauthorized up...

CVE-2018-2611

Technical details about CVE-2018-2611 are not publicly provided in the connected documents. The available records reiterate affected product and severity but do not disclose exploit specifics, affected versions beyond prior to 8.7.13, or remediation steps. Monitor for updates.

CVE-2018-2624

CVE-2018-2624 affects the Sun ZFS Storage Appliance Kit (AK) UI component of Oracle Sun Systems Products Suite. Affected: all versions before 8.7.13. Root cause: untrusted access that allows an unauthenticated, network-based attacker to compromise AK via HTTP. Impact: potential unauthorized acces...

CVE-2018-2663

CVE-2018-2663 affects Oracle Java SE family, specifically the Libraries component (and related Java SE deployments) including Java SE/JRockit/Jackson? The connected documents indicate: vulnerable input handling during object deserialization in Libraries, AWT, and JNDI components, which can lead t...

CVE-2018-2665

CVE-2018-2665 affects Oracle MySQL Server (Server: Optimizer). Affected releases include MySQL 5.5.58 and older, 5.6.38 and older, and 5.7.20 and older. The vulnerability is exploitable by a low-privileged attacker who can access the server over the network, and can lead to an unauthorized hang o...

CVE-2018-2667

CVE-2018-2667 affects the MySQL Server component (Server: Optimizer). Affected are 5.7.20 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or a complete DoS through the MySQL Server Optimizer path. Several connected advisor...

CVE-2018-2676

CVE-2018-2676 affects the Oracle VM VirtualBox Core component. Affected are VirtualBox versions prior to 5.1.32 and prior to 5.2.6. The vulnerability allows a high-privilege attacker who has logon to the infrastructure where VirtualBox runs to compromise the VirtualBox instance, with potential ta...

CVE-2018-2685

CVE-2018-2685 affects Oracle VM VirtualBox Core; vulnerable in VirtualBox 5.1.x before 5.1.32 and 5.2.x before 5.2.6. Exploitation is described as easily exploitable with local access and user interaction required, potentially allowing takeover of VirtualBox (and impacting other products). Remedi...

CVE-2018-2686

CVE-2018-2686 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.1.32 and prior to 5.2.6. The vulnerability is described as easily exploitable, requiring a logon to the infrastructure and human interaction, and could lead to takeover of VirtualBox. CVSS v3.0 base score is 8.6 (...

CVE-2018-2690

CVE-2018-2690 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.1.32 and prior to 5.2.6. The vulnerability is described as easily exploitable, allowing an unauthenticated attacker who has logon to the infrastructure running VirtualBox to compromise it; exploitation requires us...

CVE-2018-2694

CVE-2018-2694 describes a vulnerability in the core of the Oracle VM VirtualBox component. Affected are VirtualBox versions prior to 5.1.32 and prior to 5.2.6. The issue allows a low-privilege, logged-on attacker to compromise Oracle VM VirtualBox, with potential takeover of the VirtualBox enviro...

CVE-2018-2696

CVE-2018-2696 affects the MySQL Server component (Server : Security : Privileges) in Oracle MySQL. Reported affected versions include 5.6.38 and earlier, and 5.7.20 and earlier. The vulnerability can be exploited remotely by an unauthenticated attacker over several network protocols, potentially ...

CVE-2018-2705

CVE-2018-2705 affects Oracle Banking Payments (Payments Core) in Oracle Financial Services Applications, with affected versions 12.3.0 and 12.4.0. The vulnerability is exploitable by a low-privilege attacker who has network access via HTTP and can compromise Oracle Banking Payments, potentially l...

CVE-2018-2706

CVE-2018-2706 affects Oracle Banking Corporate Lending (Oracle Financial Services Applications), Core module. Affected versions: 12.3.0 and 12.4.0. An attacker with network access via HTTP and low privileges can compromise the component, potentially leading to takeover and impacting confidentiali...

CVE-2018-2714

The CVE-2018-2714 entry concerns Oracle Financial Services Market Risk (User Interface subcomponent) in Oracle Financial Services Applications, affected in version 8.0.x. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise Market Risk, with attacks req...

CVE-2018-2622

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2018-2686

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...