16.2

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-18	CVE-2018-2967	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). local low complexity oracle	2.1
2018-07-18	CVE-2018-2966	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). network oracle	4.3
2018-07-18	CVE-2018-2965	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). network oracle	5.8
2018-02-06	CVE-2017-7525	Incomplete Blacklist vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. network low complexity fasterxml debian netapp redhat oracle CWE-184 critical	9.8
2018-02-06	CVE-2017-15095	Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. network low complexity fasterxml debian redhat netapp oracle CWE-502 critical	9.8
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2018-2620	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Platform). network low complexity oracle	5.5
2017-08-08	CVE-2017-10150	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). network low complexity oracle	4.0
2017-08-08	CVE-2017-10149	Unspecified vulnerability in Oracle Primavera Unifier Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). network oracle	4.9
2017-03-15	CVE-2016-7103	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. network low complexity jqueryui oracle fedoraproject netapp redhat juniper debian CWE-79	6.1