CVE-2017-10007

CVE-2017-10007 affects Oracle FLEXCUBE Private Banking (Oracle Financial Services Applications), specifically the Miscellaneous subcomponent. Affected versions are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. The vulnerability allows a low-privileged attacker with network access via HTTP to read data from the...

CVE-2017-10105

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

CVE-2017-10133

The CVE-2017-10133 issue affects Oracle Hospitality Applications, specifically the Hospitality Hotel Mobile component (Suite8/RestAPI) in version 1.1. The vulnerability allows a low-privilege attacker who can reach the system over HTTP to perform unauthorized updates, inserts, or deletions on dat...

CVE-2017-10189

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: Leisure. The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Hospitality Suite8 executes to...

CVE-2017-10081

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2017-10053

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-10000

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2017-3645

CVE-2017-3645 affects Oracle MySQL Server, subcomponent Server: Optimizer. Affected versions are 5.7.18 and earlier. Vulnerability can be exploited remotely over multiple protocols by a high-privilege attacker to cause a hang or repeated crash (DOS). Remediation seen in connected docs indicates u...

CVE-2017-10210

CVE-2017-10210 affects Oracle VM VirtualBox (Core) via the VMSVGA path. A concrete root cause described in connected material is an integer overflow in SVGA3D_CMD surface handling (vmsvga3dSurfaceDefine) that can cause memory corruption and a subsequent crash or crash-driven state. The adverse ef...

CVE-2017-10079

CVE-2017-10079 affects Oracle Hospitality Applications’ Hospitality Suites Management component (Core) in version 3.7. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Suites Management, with attacks requiring human interaction. Potential impact incl...

CVE-2017-10046

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2017-10004

CVE-2017-10004 concerns the Solaris kernel in Oracle Sun Systems Products Suite, affecting Solaris 10 and 11. The evidence (NVD description and Nessus plugin entries) indicates a vulnerability in the Kernel subcomponent that allows a high-privileged user with logon to compromise Solaris, with the...

CVE-2017-10204

CVE-2017-10204 affects Oracle VM VirtualBox (Core subcomponent) and relates to VirtualBox process hardening. The connected material documents that attackers could bypass hardening checks to load unverified DLLs into the VirtualBox process via COM hijacking or DLL loading behavior, enabling arbitr...

CVE-2017-10147

CVE-2017-10147 affects Oracle WebLogic Server (Fusion Middleware Core Components). Affected installations include Oracle WebLogic Server versions 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. The issue allows an unauthenticated attacker with network access via the T3 protocol to compromise the WebLo...

CVE-2017-10086

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JavaFX. Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...

CVE-2017-10176

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-10204

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-10238

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-3641

Disclaimer: This data contains information about vulnerable...

CVE-2017-10239

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...