381 matches found
CVE-2018-3032
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access...
EMC ECS S3 Authentication Bypass Vulnerability
Dell EMC Elastic Cloud Storage ECS is an object storage application designed for traditional and next-generation workloads. An authentication bypass vulnerability exists in Dell EMC ECS versions 3.2.0.0 and 3.2.0.1, which can be exploited by a remote, unauthenticated attacker to read and modify S...
IBM Security Guardium Big Data Intelligence Critical Resource Privilege Assignment Vulnerability
IBM Security Guardium Big Data Intelligence is a solution that delivers the capabilities of a big data platform while meeting data security requirements. IBM Security Guardium Big Data Intelligence SonarG suffers from an incorrect assignment of critical resource permissions vulnerability. An...
CVE-2018-1370
IBM Security Guardium Big Data Intelligence SonarG 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 137769...
CVE-2018-2876
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications subcomponent: RIB KernalApache Commons Collections. The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...
CVE-2018-2857
Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2018-2821
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Rich Text Editor. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-2738
Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-14465
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2018-2571
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications subcomponent: Portal. Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2018-2659
Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime SEC. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2017-10413
Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite subcomponent: Multiplatform Based on HTML5. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...
CVE-2017-10367
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10161
Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite subcomponent: Web Services Security. Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2017-10078 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). (BSA-2017-403)
Security Advisory ID: BSA-2017-403 Component: Java Revision : 3.0: Final Vulnerability in the Java SE component of Oracle Java SE subcomponent: Scripting. The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low-privileged attacker with network access...
CVE-2017-10249
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Integration Broker. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2017-10206
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...
CVE-2017-10145
Vulnerability in the Java Advanced Management Console component of Oracle Java SE subcomponent: Server. The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2017-10049
Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core CRM. Successful attacks require...
CVE-2017-10030
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...