476 matches found
Solaris 10 (sparc) : 148768-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Utility. Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthoriz...
Solaris 10 (x86) : 150401-23
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: libelfsign. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized...
Solaris 10 (x86) : 152261-02
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Network Services Library. The supported version that is affected is 10. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...
OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2018-2678
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...
CVE-2018-2657
Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
CVE-2018-2594
Vulnerability in the Hyperion BI+ component of Oracle Hyperion subcomponent: Foundation UI & Servlets. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks...
Design/Logic Flaw
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...
Design/Logic Flaw
Vulnerability in the Integrated Lights Out Manager ILOM component of Oracle Sun Systems Products Suite subcomponent: Remote Console Application. Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to...
Design/Logic Flaw
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware subcomponent: Deployment. Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon ...
Design/Logic Flaw
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener. Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
CVE-2018-2642
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: File Upload. Supported versions that are affected are 7.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus...
CVE-2018-2594
Vulnerability in the Hyperion BI+ component of Oracle Hyperion subcomponent: Foundation UI & Servlets. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks...
CVE-2018-2595
Vulnerability in the Hyperion BI+ component of Oracle Hyperion subcomponent: Foundation UI & Servlets. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks...
CVE-2018-2657
Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
CVE-2018-2570
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications subcomponent: Portal. Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2018-2602
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: I18n. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the...
CVE-2017-10278
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware subcomponent: Security. Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo...
OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)
Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-10420
Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: Leisure. Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...