CVE-2016-8298

CVE-2016-8298 affects the Oracle FLEXCUBE Private Banking component (subcomponent: Product / Instrument Search). Affected versions are 2.0.1, 2.2.0, and 12.0.1. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise the component, potentially leading to unau...

CVE-2017-3310

CVE-2017-3310 affects Oracle Database Server’s OJVM component in versions 11.2.0.4 and 12.1.0.2. The vulnerability allows a low-privileged attacker with Create Session and Create Procedure privileges, with network access via multiple protocols, to compromise OJVM. The exploitation requires user i...

CVE-2017-3316

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2017-3320

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2017-3424

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3381

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2017-3238

Disclaimer: This data contains information about vulnerable...

CVE-2017-3429

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3262

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Java Mission Control. The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

CVE-2016-8282

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2017-3244

CVE-2017-3244 affects Oracle MySQL Server (subcomponent: Server: DML). Affected versions: 5.5.53 and earlier, 5.6.34 and earlier, 5.7.16 and earlier. Description from connected advisory confirms an easily exploitable vulnerability that allows a low-privileged attacker with network access via mult...

CVE-2017-3328

Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite subcomponent: Resources Module. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3348

CVE-2017-3348 affects Oracle E-Business Suite Oracle Marketing (User Interface subcomponent). Affected versions: 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6. Description: an unauthenticated attacker with network access via HTTP can compromise Oracle Marketing; successful attacks requir...

CVE-2017-3298

CVE-2017-3298 affects Oracle’s PeopleSoft Enterprise PeopleTools (subcomponent PIA Core Technology). Affected versions are 8.54 and 8.55. The vulnerability allows an unauthenticated attacker who can reach the service over HTTP to compromise PeopleSoft Enterprise PeopleTools; successful exploits r...

CVE-2017-3294

CVE-2017-3294 describes a vulnerability in the Oracle Outside In Technology (subcomponent: Outside In Filters). Connected sources confirm affected products/versions: Oracle Outside In Technology 8.5.2 and 8.5.3 are vulnerable when data is processed over a network. The issue can be triggered via H...

CVE-2017-3392

CVE-2017-3392 affects Oracle E-Business Suite, specifically the Oracle Advanced Outbound Telephony component (User Interface). Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. The vulnerability is described as easily exploitable via HTTP with network access and una...

CVE-2017-3272

CVE-2017-3272 affects Oracle Java SE/OpenJDK Libraries (Java SE 6u131, 7u121, 8u112; Java SE Embedded 8u111). OpenJDK/OpenJDK builds with Libraries component are vulnerable to an unauthenticated, network-accessible attack that can lead to takeover of Java SE/Embedded; exploitation requires user i...

CVE-2016-8329

CVE-2016-8329 affects Oracle PeopleSoft Enterprise PeopleTools (Mobile Application Platform) with affected versions 8.54 and 8.55. The vulnerability is reachable over HTTP with network access, is unauthenticated, and requires user interaction to exploit, potentially enabling unauthorized update/r...

CVE-2017-3340

CVE-2017-3340 affects Oracle E-Business Suite, Oracle Marketing (UI) component. Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. The vulnerability enables unauthenticated access over HTTP with network access, requiring some user interaction, potentially leading to...

CVE-2017-3290

CVE-2017-3290 affects Oracle VM VirtualBox Shared Folder subcomponent. Affected versions are VirtualBox prior to 5.0.32 and prior to 5.1.14. An attacker with high privileges and local access can exploit this to cause unauthorized data access or modification and to trigger a hang/crash (partial or...