Vulnerabilities > Oracle > OSS Support Tools

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2015-9251 Cross-site Scripting vulnerability in multiple products
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
network
low complexity
jquery oracle CWE-79
6.1
2018-01-18 CVE-2018-2617 Unspecified vulnerability in Oracle OSS Support Tools
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant).
network
low complexity
oracle
7.5
2018-01-18 CVE-2018-2616 Unspecified vulnerability in Oracle OSS Support Tools
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant).
network
low complexity
oracle
8.8
2018-01-18 CVE-2018-2615 Unspecified vulnerability in Oracle OSS Support Tools
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant).
network
low complexity
oracle
8.8
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1
2016-02-15 CVE-2015-3197 Information Exposure vulnerability in multiple products
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
network
high complexity
oracle openssl CWE-200
5.9