CVE-2018-2594

Vulnerability in the Hyperion BI+ component of Oracle Hyperion subcomponent: Foundation UI & Servlets. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks...

CVE-2018-2574

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM subcomponent: Outlook Client. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Desktop. Successful...

CVE-2018-2681

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products subcomponent: Security. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-2698

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2018-2582

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

CVE-2018-2688

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2697

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications subcomponent: Emergency Response System. The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2018-2668

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

CVE-2017-10282

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to...

CVE-2018-2612

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2018-2651

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: XML Publisher. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2686

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2688

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2690

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2689

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2622

Removed by vendor...

CVE-2018-2585

Removed by vendor...

CVE-2018-2622

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

BuddyBoss Media <= 3.2.3 - Stored XSS

The album description does not perform input / output validation. According to the researcher: No reply from vendor. Issue not patched. Vulnerability can be exploited by any user. Form not vulnerable to CSRF. PoC '"...

CVE-2018-2667

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...