CVE-2017-3238

CVE-2017-3238 affects the MySQL Server component (Server: Optimizer). Affected MariaDB/MySQL versions include 5.5.53 and earlier, 5.6.34 and earlier, and 5.7.16 and earlier. The vulnerability is exploitable over the network via multiple protocols, with a low-privileged attacker able to cause a ha...

CVE-2016-8305

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows physical access to compromise...

CVE-2017-3299

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Search Functionality. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

CVE-2017-3316

CVE-2017-3316 affects the GUI subcomponent of Oracle VM VirtualBox. A high-privileged attacker with network access via multiple protocols can compromise VirtualBox; successful attacks may lead to takeover. Affected versions include VirtualBox < 5.0.32 and

CVE-2017-3248

CVE-2017-3248 affects Oracle WebLogic Server (Core Components) with affected versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1. It is a Java deserialization RCE in the WebLogic RMI Registry (UnicastRef) that can be exploited remotely for code execution and server takeover via unauthenticated networ...

CVE-2017-3256

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2017-3419

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: User Interface. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technica...

CVE-2017-3238

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

CVE-2017-3244

Removed by vendor...

CVE-2016-5546

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2016-5549

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

CVE-2017-3316

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

Out-of-bounds

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-9050

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2017-5377

A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox 51...

SAP ASE ODATA Server 16 Denial Of Service Vulnerability

SAP ASE ODATA Server version 16 suffers from a denial of service vulnerability. Application: SAP ASE Versions Affected: SAP ASE ODATA Server v16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.10.2016...

Oracle Patches 270 Vulnerabilities With First CPU of 2017

Oracle patched 270 vulnerabilities on Tuesday, many remotely exploitable, across 45 different products–including its E-Business Suite, Financial Services software, and MySQL database–as part of its quarterly Critical Patch Update CPU. The massive update comes close breaking Oracle’s record-settin...

CVE-2016-8318

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...