Vulnerabilities > Oracle > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-17 | CVE-2018-3011 | Unspecified vulnerability in Oracle Trade Management Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). | 8.2 |
2018-10-17 | CVE-2018-2914 | NULL Pointer Dereference vulnerability in Oracle Goldengate 12.1.2.1.0/12.2.0.2.0/12.3.0.1.0 Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). | 7.5 |
2018-10-17 | CVE-2018-2912 | NULL Pointer Dereference vulnerability in Oracle Goldengate 12.1.2.1.0/12.2.0.2.0/12.3.0.1.0 Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). | 7.5 |
2018-10-17 | CVE-2018-2911 | Unspecified vulnerability in Oracle Glassfish Server 3.1.2 Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). | 8.3 |
2018-10-17 | CVE-2018-2909 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 8.6 |
2018-10-17 | CVE-2018-2889 | Unspecified vulnerability in Oracle Micros Retail-J 12.1.2 Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations). | 7.5 |
2018-10-09 | CVE-2018-17962 | Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | 7.5 |
2018-09-19 | CVE-2018-11761 | XXE vulnerability in multiple products In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. | 7.5 |
2018-09-18 | CVE-2018-16952 | Cross-Site Request Forgery (CSRF) vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site Request Forgery in its design. | 8.8 |
2018-09-10 | CVE-2018-11775 | Improper Certificate Validation vulnerability in multiple products TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. | 7.4 |