CVE-2019-2537

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2019-2416

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Application Server. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2019-2546

CVE-2019-2546 affects Oracle E-Business Suite, specifically the Applications Manager SQL Extensions component. Affected versions include 12.1.1, 12.1.2, 12.1.3, 12.2.3–12.2.8. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manag...

CVE-2019-2474

CVE-2019-2474 concerns the Oracle Outside In Technology component (Outside In Filters) in Oracle Fusion Middleware, with affected versions 8.5.3 and 8.5.4. The vulnerability enables an unauthenticated attacker with network access over HTTP to cause a hang or crash of Oracle Outside In Technology ...

CVE-2019-2435

CVE-2019-2435 affects Oracle MySQL Connectors (Connector/Python). Affected: MySQL Connectors 8.0.13 and earlier, and 2.1.8 and earlier. Attack requires network access via TLS and user interaction; can lead to unauthorized data access or modification within MySQL Connectors. Some connected advisor...

CVE-2019-2410

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF Security. The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows...

CVE-2019-2495

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2019-2502

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2019-2507

CVE-2019-2507 affects Oracle MySQL Server, subcomponent Server: Optimizer. Affected versions: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Exploitation requires network access with high privileges; successful attacks may cause a hang or frequent crash (DoS) of MySQL Server. Remediation i...

CVE-2019-2547

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple...

CVE-2018-3304

CVE-2018-3304 affects the Oracle Application Testing Suite Load Testing for Web Apps in Oracle Enterprise Manager Products Suite (affected versions include 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0.1). The vulnerability allows an unauthenticated attacker, over HTTP, to perform unauthorized updates/ins...

CVE-2019-2482

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: PS. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2019-2524

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2019-2532

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2019-2478

CVE-2019-2478 affects Oracle Outside In Technology (Outside In Filters) used in Oracle Fusion Middleware; IBM bulletin lists Rational DOORS Next Generation 6.0.6 as affected through a related Outside In Technology vulnerability, with the remediation to upgrade Rational DOORS Next Generation to 6....

CVE-2019-2507

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

CVE-2019-2508

CVE-2019-2508 affects Oracle VM VirtualBox (Core) with vulnerable versions prior to 5.2.24 and prior to 6.0.2. The issue allows a low-privilege user with local logon to crash or hang VirtualBox (partial DoS) and may impact other products. Remediation shown in multiple OS advisories: upgrade Virtu...

CVE-2019-2406

Affected: Oracle Database Server Core RDBMS (versions 12.1.0.2, 12.2.0.1, 18c). Vulnerability: CVE-2019-2406 allows a high-privilege attacker with Create Session and Execute Catalog Role, over Oracle Net, to take over the Core RDBMS. Documents indicate this is referenced in the Jan 2019 CPU (Orac...

CVE-2019-2547

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple...

CVE-2019-2400

CVE-2019-2400 affects Oracle E-Business Suite, specifically the Oracle iStore User Registration subcomponent. Affected versions include 12.1.1–12.2.8. The vulnerability is exploitable by an unauthenticated attacker who can reach Oracle iStore over HTTP; however, user interaction is required for e...