CVE-2018-2594

Vulnerability in the Hyperion BI+ component of Oracle Hyperion subcomponent: Foundation UI & Servlets. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks...

CVE-2018-2574

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM subcomponent: Outlook Client. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Desktop. Successful...

CVE-2018-2681

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products subcomponent: Security. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-2698

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2018-2688

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2018-2668

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

CVE-2017-10282

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to...

CVE-2018-2573

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: GIS. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2018-2582

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

CVE-2018-2643

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: Case Selection. Supported versions that are affected are 7.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus...

CVE-2018-2696

CVE-2018-2696 affects the MySQL Server component (Server : Security : Privileges) in Oracle MySQL. Reported affected versions include 5.6.38 and earlier, and 5.7.20 and earlier. The vulnerability can be exploited remotely by an unauthenticated attacker over several network protocols, potentially ...

CVE-2018-2622

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2018-2564

CVE-2018-2564 affects Oracle WebCenter Content (Content Server) in Oracle Fusion Middleware, version 11.1.1.9.0. The vulnerability allows an unauthenticated, network-accessible attacker via HTTP to compromise the system, with possible unauthorized creation, deletion or modification of data and re...

CVE-2017-10282

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to...

CVE-2017-10068

CVE-2017-10068 affects Oracle Fusion Middleware’s Oracle Business Intelligence Enterprise Edition Analytics Web Dashboards, version 12.2.1.3.0. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise BI EE, with human interaction required. Successful attack...

CVE-2018-2691

Vulnerability in the Oracle User Management component of Oracle E-Business Suite subcomponent: Proxy User Delegation. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2018-2663

CVE-2018-2663 affects Oracle Java SE family, specifically the Libraries component (and related Java SE deployments) including Java SE/JRockit/Jackson? The connected documents indicate: vulnerable input handling during object deserialization in Libraries, AWT, and JNDI components, which can lead t...

CVE-2018-2690

CVE-2018-2690 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.1.32 and prior to 5.2.6. The vulnerability is described as easily exploitable, allowing an unauthenticated attacker who has logon to the infrastructure running VirtualBox to compromise it; exploitation requires us...

CVE-2018-2686

CVE-2018-2686 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.1.32 and prior to 5.2.6. The vulnerability is described as easily exploitable, requiring a logon to the infrastructure and human interaction, and could lead to takeover of VirtualBox. CVSS v3.0 base score is 8.6 (...

CVE-2018-2583

CVE-2018-2583 affects Oracle MySQL Server (Stored Procedure) with affected versions 5.6.38 and earlier, 5.7.20 and earlier. It allows a high-privilege attacker with network access (via multiple protocols) to crash or hang MySQL Server (complete DOS), potentially impacting other products. Connecte...