Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2017-3241 Improper Input Validation vulnerability in Oracle Jdk, JRE and Jrockit
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI).
network
high complexity
oracle CWE-20
critical
9.0
2017-01-27 CVE-2017-3240 Information Exposure vulnerability in Oracle Database Server 12.1.0.2
Vulnerability in the RDBMS Security component of Oracle Database Server.
local
low complexity
oracle CWE-200
3.3
2017-01-27 CVE-2017-3239 Information Exposure vulnerability in Oracle Glassfish Server 3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration).
local
low complexity
oracle CWE-200
3.3
2017-01-27 CVE-2017-3238 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian mariadb redhat
6.5
2017-01-27 CVE-2017-3236 Improper Input Validation vulnerability in Oracle Flexcube Universal Banking
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core).
network
low complexity
oracle CWE-20
4.7
2017-01-27 CVE-2017-3235 Unspecified vulnerability in Oracle Flexcube Universal Banking
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core).
low complexity
oracle
3.5
2017-01-27 CVE-2017-3231 Information Exposure vulnerability in Oracle JDK and JRE
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking).
network
low complexity
oracle CWE-200
4.3
2017-01-27 CVE-2016-9795 Improper Input Validation vulnerability in multiple products
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.
local
low complexity
broadcom ca CWE-20
7.8
2017-01-27 CVE-2016-9636 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
network
low complexity
gstreamer redhat debian CWE-119
critical
9.8
2017-01-27 CVE-2016-9635 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
network
low complexity
gstreamer redhat debian CWE-119
critical
9.8