Lucene search
K

9461 matches found

CVE
CVE
added 2019/01/16 7:0 p.m.192 views

CVE-2019-2548

CVE-2019-2548 affects Oracle VM VirtualBox Core with vulnerable paths in the OpenGL/HGCM pipeline. The Oracle VirtualBox components for hosts prior to 5.2.24 and 6.0.2 are exploitable when a low-privileged user with logon can trigger an attacker-controlled call chain. Public material in connected...

7.8CVSS6.3AI score0.00799EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2019/01/16 7:0 p.m.9 views

CVE-2019-2410

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF Security. The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows...

5.6AI score0.00424EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2019/01/16 7:0 p.m.12 views

CVE-2019-2414

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle HTTP Server executes to...

6.6AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2019/01/16 7:0 p.m.44 views

CVE-2019-2409

CVE-2019-2409 affects Oracle Hospitality Cruise Shipboard Property Management System, SPMS Suite (component of Oracle Hospitality Applications), specifically version 8.0.8. The vulnerability allows a low-privilege attacker with logon to the infrastructure where SPMS executes to compromise the sys...

6.7CVSS6.6AI score0.00373EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.159 views

CVE-2019-2509

CVE-2019-2509 affects Oracle VM VirtualBox (Core). Affected: Oracle VM VirtualBox versions prior to 5.2.24 and prior to 6.0.2. Root cause: vulnerability in VirtualBox core that enables a low-privileged attacker with logon to the infrastructure running VirtualBox to crash or hang the VM platform (...

6.5CVSS6.5AI score0.00499EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.53 views

CVE-2019-2442

CVE-2019-2442 concerns Oracle PeopleSoft: a vulnerability in the Fluid Core subcomponent of the PeopleSoft Enterprise PeopleTools. Affected versions are 8.55, 8.56 and 8.57. The issue allows an unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools, ...

6.1CVSS5.5AI score0.01123EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.67 views

CVE-2019-2406

Affected: Oracle Database Server Core RDBMS (versions 12.1.0.2, 12.2.0.1, 18c). Vulnerability: CVE-2019-2406 allows a high-privilege attacker with Create Session and Execute Catalog Role, over Oracle Net, to take over the Core RDBMS. Documents indicate this is referenced in the Jan 2019 CPU (Orac...

7.2CVSS7.2AI score0.01733EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.639 views

CVE-2019-2529

CVE-2019-2529 affects Oracle MySQL Server (Server: Optimizer). Affected: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Low-privilege, network-access attacker can cause a hang or complete DOS. Remediation: advisories/applicable updates exist (e.g., ALAS/CentOS/RHSA); update mariadb/mysql p...

6.5CVSS6.2AI score0.0461EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.79 views

CVE-2019-2444

CVE-2019-2444 affects Oracle Database Server Core RDBMS. Affected versions are 12.2.0.1 and 18c. The vulnerability allows a low-privileged, local attacker with logon to the infrastructure where Core RDBMS runs to take over the Core RDBMS, with exploitation requiring user interaction. CVSSv3 base ...

8.2CVSS8.2AI score0.00438EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/01/16 7:0 p.m.12 views

CVE-2019-2505

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

5.3AI score0.00481EPSS
Exploits0References3
CVE
CVE
added 2019/01/16 7:0 p.m.409 views

CVE-2019-2482

CVE-2019-2482 affects Oracle MySQL Server (Server: PS) with vulnerable versions 5.6.42 and earlier, 5.7.24 and earlier, and 8.0.13 and earlier. The flaw allows an authenticated, network-accessing attacker via multiple protocols to cause a hang or crash (DoS) in MySQL Server. Several connected sou...

6.5CVSS6.2AI score0.02887EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2019/01/16 7:0 p.m.15 views

CVE-2019-2434

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

6.3AI score0.03264EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2019/01/16 7:0 p.m.17 views

CVE-2019-2420

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

5.8AI score0.03144EPSS
Exploits0References6
CVE
CVE
added 2019/01/16 7:0 p.m.394 views

CVE-2019-2420

CVE-2019-2420 is a vulnerability in the Oracle MySQL Server: Optimizer subcomponent. Affected products/versions include MySQL Server 5.7.24 and prior and 8.0.13 and prior; exploitation requires network access and high privileges, via multiple protocols, to cause a hang or frequent crash (DoS). Co...

4.9CVSS4.8AI score0.03144EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.411 views

CVE-2019-2507

CVE-2019-2507 affects Oracle MySQL Server, subcomponent Server: Optimizer. Affected versions: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Exploitation requires network access with high privileges; successful attacks may cause a hang or frequent crash (DoS) of MySQL Server. Remediation i...

4.9CVSS4.8AI score0.03211EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.64 views

CVE-2018-3304

CVE-2018-3304 affects the Oracle Application Testing Suite Load Testing for Web Apps in Oracle Enterprise Manager Products Suite (affected versions include 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0.1). The vulnerability allows an unauthenticated attacker, over HTTP, to perform unauthorized updates/ins...

6.5CVSS5.8AI score0.01454EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/01/16 7:0 p.m.27 views

CVE-2019-2502

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

5AI score0.0256EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/01/16 7:0 p.m.27 views

CVE-2019-2406

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to...

6.8AI score0.01733EPSS
Exploits0References2
CVE
CVE
added 2019/01/16 7:0 p.m.53 views

CVE-2019-2404

CVE-2019-2404 affects Oracle PeopleSoft Enterprise PeopleTools, specifically the Portal subcomponent. Supported vulnerable versions are 8.55, 8.56, and 8.57. The issue is exploitable by an unauthenticated attacker over HTTP with network access, potentially leading to unauthorized read access to a...

5.3CVSS4.4AI score0.01547EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/01/16 7:0 p.m.47 views

CVE-2019-2474

CVE-2019-2474 concerns the Oracle Outside In Technology component (Outside In Filters) in Oracle Fusion Middleware, with affected versions 8.5.3 and 8.5.4. The vulnerability enables an unauthenticated attacker with network access over HTTP to cause a hang or crash of Oracle Outside In Technology ...

7.5CVSS6.9AI score0.02052EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder