CVE-2018-3268

CVE-2018-3268 affects the Solaris component of Oracle Sun Systems Products Suite, specifically the SMB Server subcomponent in Solaris 11.3. The vulnerability is exploitable over the network via SMB by an unauthenticated attacker and can lead to a partial denial of service (partial DOS) of Solaris...

CVE-2018-3220

CVE-2018-3220 concerns the Oracle Outside In Technology within Oracle Fusion Middleware (Outside In Filters). Public sources in the connected documents indicate the vulnerability affects Oracle Outside In Technology versions 8.5.3 and 8.5.4 and can be exploited over a network via HTTP. An unauthe...

CVE-2018-3253

The CVE-2018-3253 entry concerns Oracle Fusion Middleware’s Oracle Virtual Directory component (Virtual Directory Manager). Affected are 11.1.1.7.0 and 11.1.1.9.0. The vulnerability is described as exploitable by a low-privileged attacker with network access over HTTP, potentially allowing unauth...

CVE-2018-3263

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Sudo. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks o...

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2018-3179

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware subcomponent: Advanced Console. Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...

CVE-2018-2978

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

CVE-2018-2974

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable...

CVE-2018-2901

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this...

Buffer overflow

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...

Denial of service

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this...

CVE-2018-2974

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable...

CVE-2018-3094

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2018-3093

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2018-2980

CVE-2018-2980 affects Oracle FLEXCUBE Universal Banking (Infrastructure) across multiple supported versions (11.3.0–14.1.0). The vulnerability permits a low-privilege, network-accessing attacker (via HTTP) to read/write data and cause partial denial of service. CVSS 3.0 base score is 5.4 (I and A...

CVE-2018-2978

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...