5549 matches found
CVE-2018-2822
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite subcomponent: Cluster Geo. The supported version that is affected is 4.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris Cluster executes to compromi...
CVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2795
CVE-2018-2795 is confirmed in multiple openjdk advisories. Public details in connected documents show OpenJDK/OpenJDK7/OpenJDK8 (and related Oracle/OpenJDK components) affected by deserialization and related issues in Security/JAXP/JMX, potentially enabling denial of service or sandbox-related im...
CVE-2018-2750
CVE-2018-2750 affects Oracle Enterprise Manager Products Suite – Enterprise Manager Base Platform, UI Framework, version 12.1.0.5. The vulnerability is described as easily exploitable with network access via HTTP, allowing an unauthenticated attacker to compromise the Base Platform; however, some...
CVE-2018-2861
CVE-2018-2861 affects Oracle Retail Back Office (Security subcomponent) in Oracle Retail Applications for versions 13.4.9, 14.0.4, and 14.1.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to read a subset of data and cause a partial denial of service. The issu...
CVE-2018-2797
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2774
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: SQR. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2018-2799
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...
UBUNTU-CVE-2018-2797
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
UBUNTU-CVE-2018-2799
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...
UBUNTU-CVE-2018-2795
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker wi...
UBUNTU-CVE-2018-2796
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
UBUNTU-CVE-2018-2798
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...
MySQL -- multiple vulnerabilities
Oracle reports: MySQL Multiple Flaws Let Remote Authenticated Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Access Data and Gain Elevated Privileges A local user can exploit a flaw in the Replication component to gain elevated privileges CVE-2018-2755. A remot...
CVE-2018-1275
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or attacker can craft a message to...
PMS 0.42 Stack-Based Buffer Overflow
Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input...
PMS 0.42 Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category dos / poc Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is...
OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...