CVE-2017-3475

CVE-2017-3475 affects Oracle FLEXCUBE Private Banking (subcomponent: Miscellaneous). According to the sources, affected versions are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. The vulnerability can be exploited by a low-privileged attacker with network access over HTTP to impact availability, enabling a p...

CVE-2017-3461

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access vi...

CVE-2017-3561

CVE-2017-3561 affects Oracle VM VirtualBox Core, with affected versions prior to 5.0.38 and prior to 5.1.20. The flaw is described as easily exploitable by a low-privilege user with logon, potentially enabling takeover of Oracle VM VirtualBox and impacting connected products. Public updates exist...

CVE-2017-3524

Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing component of Oracle PeopleSoft Products subcomponent: Bidder Registration. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2017-3495

Oracle FLEXCUBE Direct Banking (Pre-Login) vulnerability CVE-2017-3495 exists in Oracle Financial Services Applications. Connected sources corroborate affected versions 12.0.2 and 12.0.3 and describe an unauthenticated, network-accessible issue via HTTP in the Pre-Login subcomponent that can lead...

CVE-2017-3587

CVE-2017-3587 refers to a vulnerability in the Shared Folder subcomponent of Oracle VM VirtualBox. Affected product versions are VirtualBox prior to 5.0.38 and prior to 5.1.20. An attacker with low privileges and local logon can exploit this to gain unauthorized creation, deletion or modification...

CVE-2017-3545

Vulnerability CVE-2017-3545 affects Oracle WebCenter Sites (Fusion Middleware) subcomponent Blob Server. Affected versions: 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0. The issue allows an unauthenticated attacker with network access over HTTP to compromise the system, enabling unauthorized cr...

CVE-2017-3474

CVE-2017-3474 affects the Solaris component Zone in Oracle Solaris 11.3. The vulnerability enables a low-privilege, local attacker with logon to the Solaris host to compromise confidentiality by unauthorized read access to a subset of Solaris data. The CVSS v3.0 metrics indicate a low impact (C:L...

CVE-2017-3463

CVE-2017-3463 is a vulnerability in the MySQL Server component of Oracle MySQL (Server: Security: Privileges). The MiracleLinux advisories indicate affected MySQL Server instances include 5.5.54 and earlier, 5.6.35 and earlier, and 5.7.17 and earlier. The issue allows a highly privileged attacker...

CVE-2017-3461

CVE-2017-3461 is a privilege-based vulnerability in Oracle MySQL Server (Server: Security: Privileges). Affected versions are 5.5.54 and earlier, 5.6.35 and earlier, and 5.7.17 and earlier. The issue allows a high-privilege attacker with network access to cause a hang or complete denial of servic...

CVE-2017-3459

CVE-2017-3459 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Affected versions include 5.7.17 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL Server, potentially causing a han...

CVE-2017-3308

Summary of findings: CVE-2017-3308 affects Oracle MySQL Server (Server: DML) with affected branches 5.5.54 and earlier, 5.6.35 and earlier, and 5.7.17 and earlier. The vulnerability is exploitable over network with low privileges, and can result in a hang or frequent crash (complete DoS) of MySQL...

CVE-2017-3595

The CVE-2017-3595 entry concerns Oracle WebCenter Sites within Oracle Fusion Middleware (subcomponent: Advanced UI). Affected versions are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. The vulnerability allows a low-privilege, network-accessible attacker (via HTTP) to compromise the system, ...

CVE-2017-3565

CVE-2017-3565 affects Oracle Solaris 11.3, under the RBAC component. The connected sources describe a local, low-privilege vulnerability in Solaris 11.3 that allows an attacker with logon access to compromise Solaris, with attacks requiring user interaction and potentially leading to unauthorized...

CVE-2017-3473

The CVE-2017-3473 vulnerability affects Oracle FLEXCUBE Private Banking (subcomponent: Miscellaneous) in versions 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. The issue arises from a vulnerability in the Oracle FLEXCUBE Private Banking implementation that allows a low-privileged, network-accessible attacker...

CVE-2017-3456

Disclaimer: This data contains information about vulnerable...

CVE-2017-3581

Vulnerability in the Automatic Service Request ASR component of Oracle Support Tools subcomponent: ASR Manager. The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Automatic Service Reques...

CVE-2017-3530

CVE-2017-3530 affects Oracle Transportation Manager (Oracle Supply Chain Products Suite) across multiple 6.2, 6.3.x, 6.4.x versions. The vulnerability is in the Security subcomponent and is described as allowing a high-privileged attacker with network access via HTTP to compromise the system, wit...

CVE-2017-3525

CVE-2017-3525 affects Oracle PeopleSoft Enterprise SCM Service Procurement (subcomponent: Usability) version 9.2. The vulnerability arises in that component, with an attacker able to exploit over a network via HTTP by a high-privilege user to compromise data; impact includes unauthorized creation...

CVE-2017-3493

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows low privileged attacker with...