2018-04-19 | CVE-2018-2879 | Unspecified vulnerability in Oracle Access Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). network high complexity oracle critical | 9.0 |
2018-04-19 | CVE-2018-2871 | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). network low complexity oracle critical | 9.1 |
2018-04-19 | CVE-2018-2870 | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). network low complexity oracle critical | 9.1 |
2018-04-19 | CVE-2018-2739 | Unspecified vulnerability in Oracle Access Manager 10.1.4.3.0/11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). network low complexity oracle critical | 9.3 |
2018-04-19 | CVE-2018-2628 | Deserialization of Untrusted Data vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). | 9.8 |
2018-04-11 | CVE-2018-1275 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. | 9.8 |
2018-04-11 | CVE-2018-1273 | Injection vulnerability in multiple products Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. | 9.8 |
2018-04-06 | CVE-2018-1270 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. | 9.8 |
2018-03-20 | CVE-2018-8088 | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. | 9.8 |
2018-03-14 | CVE-2018-1000122 | Out-of-bounds Read vulnerability in multiple products A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | 9.1 |