476 matches found
CVE-2018-3097
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2018-2980
CVE-2018-2980 affects Oracle FLEXCUBE Universal Banking (Infrastructure) across multiple supported versions (11.3.0–14.1.0). The vulnerability permits a low-privilege, network-accessing attacker (via HTTP) to read/write data and cause partial denial of service. CVSS 3.0 base score is 5.4 (I and A...
CVE-2018-2901
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this...
OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
Critical: java-1.8.0-openjdk
Issue Overview: Unbounded memory allocation during deserialization in Container AWT, 8189989 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161...
OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...
CVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2795
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...
CVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2750
CVE-2018-2750 affects Oracle Enterprise Manager Products Suite – Enterprise Manager Base Platform, UI Framework, version 12.1.0.5. The vulnerability is described as easily exploitable with network access via HTTP, allowing an unauthenticated attacker to compromise the Base Platform; however, some...
CVE-2018-2850
Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications subcomponent: Fleet Management System Suite. The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2018-2799
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2018-2795
CVE-2018-2795 is confirmed in multiple openjdk advisories. Public details in connected documents show OpenJDK/OpenJDK7/OpenJDK8 (and related Oracle/OpenJDK components) affected by deserialization and related issues in Security/JAXP/JMX, potentially enabling denial of service or sandbox-related im...
CVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
Solaris 10 (sparc) : 152260-02
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Network Services Library. The supported version that is affected is 10. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...
Solaris 10 (x86) : 148871-01
Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: mailx1. Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update,...
Solaris 10 (x86) : 152261-01
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: RPC. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows successful unauthenticated network attacks via RPC. Successful attack of this vulnerability can result in...
Solaris 10 (x86) : 150401-23
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: libelfsign. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized...
Solaris 10 (sparc) : 150157-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...