CVE-2017-10042

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: IKE. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via IKE to compromise Solaris. Successful attacks of this...

CVE-2017-10147

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

CVE-2017-10201

Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications subcomponent: Other. The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality e7 executes to...

CVE-2017-10142

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Mobile Apps. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2017-10202

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to...

CVE-2017-10236

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-10248

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products subcomponent: EPPCMHIERTOP. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...

CVE-2017-3634

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2017-3641

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

CVE-2017-3643

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2017-10096

CVE-2017-10096 – OpenJDK/JAXP vulnerability (CWE-style) shows a flaw in the Java SE/Java SE Embedded stack, specifically the JAXP component. Affected are Oracle Java SE versions 6u151, 7u141, 8u131 and Java SE Embedded 8u131. The vulnerability can allow an unauthenticated attacker with network ac...

CVE-2017-10108

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker...

CVE-2017-10108

CVE-2017-10108 affects Oracle Java SE, Java SE Embedded, and JRockit (Serialization). Affected versions include Java SE 6u151, 7u141, 8u131; Java SE Embedded 8u131; JRockit R28.3.14. The vulnerability allows unauthenticated remote exploitation via multiple protocols, potentially causing a partial...

CVE-2017-10053

CVE-2017-10053 is an OpenJDK/OpenJDK 2D JPEGImageReader vulnerability. The issue affects Java SE components (Java SE, Java SE Embedded, JRockit) with affected versions including Java 6u151, 7u141, 8u131 (and 8u131 for Java SE Embedded; JRockit R28.3.14). The vulnerability could allow an unauthent...

CVE-2017-10107

CVE-2017-10107 affects OpenJDK/OpenJDK-based packages (RMI) with vulnerable components in Java SE/Java SE Embedded. The connected security data confirms multiple OpenJDK subcomponents are vulnerable, including RMI-related sandbox bypass issues, and lists affected versions such as Java 6u151, 7u14...

CVE-2017-10057

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products subcomponent: Discussion Forum. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2017-10202

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to...

CVE-2017-10237

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-10076

CVE-2017-10076 affects Oracle Hospitality Simphony First Edition Venue Management, Core subcomponent, version 3.9. The vulnerability allows a low-privileged, network-accessible attacker (via HTTP) to read and modify data, with potential unauthorized read, update, insert, or delete access to data....

CVE-2017-10236

CVE-2017-10236 affects Oracle VM VirtualBox Core prior to 5.1.24. The issue can enable a locally authenticated, high-privilege attacker to cause a hang/DoS and unauthorized read/write access to VirtualBox data, with CVSSv3.0 base score 7.3 (HIGH). Public sources reference Oracle’s patching; Magei...