Vulnerabilities > Oracle > Integrated Lights OUT Manager Firmware > 3.2.4

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2018-2568	Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). network low complexity oracle	7.5
2018-01-18	CVE-2018-2566	Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). network high complexity oracle	4.0
2017-10-19	CVE-2017-10265	Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). network low complexity oracle	7.5
2017-10-19	CVE-2017-10260	Unspecified vulnerability in Oracle Integrated Lights OUT Manager Firmware Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). network low complexity oracle	7.8
2017-10-19	CVE-2017-10194	Information Exposure vulnerability in Oracle Integrated Lights OUT Manager Firmware Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). network low complexity oracle CWE-200	4.0
2015-12-06	CVE-2015-3195	Information Exposure vulnerability in multiple products The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. network low complexity apple oracle openssl redhat canonical debian opensuse suse fedoraproject CWE-200	5.3
2013-03-15	CVE-2013-2566	Inadequate Encryption Strength vulnerability in multiple products The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. network oracle fujitsu canonical mozilla CWE-326	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.