CVE-2017-10270

Vulnerability in the Oracle Identity Manager Connector component of Oracle Fusion Middleware subcomponent: Microsoft Active Directory. The supported version that is affected is 9.1.1.5.0. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracl...

CVE-2017-10407

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.30. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-10264

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful...

CVE-2017-10276

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: FTS. Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2017-10292

Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where RDBMS Security...

CVE-2017-10296

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2017-10362

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Sawbridge. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2017-10406

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2017-10408

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.30. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-10197

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: Folios. The supported version that is affected is 5.4.2.x through 5.5.1.x. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality OPERA 5...

CVE-2017-10051

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3.0. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached t...

CVE-2017-10315

Summary: CVE-2017-10315 concerns the Siebel UI Framework (subcomponent: UIF Open UI) in Oracle Siebel CRM. Affected are Siebel versions 16.0 and 17.0. The vulnerability enables an unauthenticated attacker, over HTTP, to exploit via user interaction to gain unauthorized read/update/delete access t...

CVE-2017-10333

CVE-2017-10333 affects the Siebel UI Framework, specifically the EAI subcomponent, in Oracle Siebel CRM. Affected versions are 16.0 and 17.0. The vulnerability allows an attacker with network access via HTTP and low privileges to compromise Siebel UI Framework, potentially leading to unauthorized...

CVE-2017-10310

CVE-2017-10310 affects Oracle Hyperion Financial Reporting, subcomponent Security Models, with the affected product/version: Oracle Hyperion Financial Reporting (11.1.2). The vulnerability is exploitable by an unauthenticated attacker over HTTP with network access, enabling unauthorized access to...

CVE-2017-10279

CVE-2017-10279 affects the MySQL Server component (Server: Optimizer) of Oracle MySQL. The vulnerability is exploitable by a high-privilege attacker with network access via multiple protocols and can cause a hang or frequent crash (DOS) of MySQL Server. Affected versions cited across connected do...

CVE-2017-10190

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Procedure privilege with logon to the infrastructure where Jav...

CVE-2017-10398

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications subcomponent: BaseMasterPage. The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Orac...

CVE-2017-10227

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

CVE-2017-10395

The CVE-2017-10395 entry concerns Oracle Hospitality Cruise Fleet Management (GangwayActivityWebApp) with affected version 9.0.2.0. The vulnerability allows a low-privileged attacker with network access over HTTP to compromise data, enabling unauthorized update/insert/delete operations and read a...

CVE-2017-10335

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Elastic Search. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...