Buffer overflow

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...

Buffer overflow

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications subcomponent: GangwayActivityWebApp. The supported version that is affected is 9.0.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

Buffer overflow

Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications subcomponent: Point of Sale. Supported versions that are affected are 6.0.11, 6.5.11, 7.0.6, 7.1.6 and 15.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.30. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

Code injection

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

UBUNTU-CVE-2017-10428

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.30. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

Code injection

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Security. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSof...

CVE-2017-10309

CVE-2017-10309 involves the Deployment subcomponent of Oracle Java SE. Public details in the provided documents indicate an XML External Entity/Information Disclosure style vulnerability affecting Java 8u144 and Java 9 deployments, with network-accessible exploitation requiring user interaction. ...

CVE-2017-10420

Vulnerability CVE-2017-10420 affects Oracle Hospitality Suite8 (Leisure subcomponent). Affected versions are 8.10.1 and 8.10.2. The issue enables a low-privileged, network-accessible attacker (via HTTP) to compromise Suite8, potentially allowing unauthorized updates/deletes to data and a partial ...

CVE-2017-10393

CVE-2017-10393 affects Oracle GlassFish Server Web Container in Oracle Fusion Middleware (versions 3.0.1 and 3.1.2). The vulnerability permits unauthenticated, network-accessible exploitation via HTTP, with human interaction required, leading to possible unauthorized updates/deletes and reads, pl...

CVE-2017-10347

CVE-2017-10347 is a serialization-related vulnerability in Oracle Java SE/JRockit that affects Java SE 6u161, 7u151, 8u144 and 9, and Java SE Embedded 8u144. The issue allows an unauthenticated, networked attacker to cause a partial denial of service in vulnerable deployments that load untrusted ...

CVE-2017-10264

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful...

CVE-2017-10203

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors...

CVE-2017-10353

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications subcomponent: Suite8/RESTAPI. The supported version that is affected is 1.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2017-10333

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. While the vulnerabilit...

CVE-2017-10393

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...

CVE-2017-10420

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: Leisure. Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2017-10428

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.30. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2017-3588

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite subcomponent: HA for MySQL. Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to...

CVE-2017-10389

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: PMS. Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Suit...