Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2019-2395 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). | 5.4 |
| 2019-01-16 | CVE-2018-3305 | Unspecified vulnerability in Oracle Application Testing Suite Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). | 6.3 |
| 2019-01-16 | CVE-2018-3304 | Unspecified vulnerability in Oracle Application Testing Suite Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). | 6.5 |
| 2019-01-16 | CVE-2018-3303 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.2/13.3 Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: EM Console). | 6.5 |
| 2019-01-16 | CVE-2018-3125 | Unspecified vulnerability in Oracle Retail Merchandising System 14.1 Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Security (SQL Logger)). | 6.5 |
| 2019-01-10 | CVE-2018-20685 | Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . | 5.3 |
| 2018-12-30 | CVE-2018-20584 | JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format. | 6.5 |
| 2018-12-20 | CVE-2018-1000873 | Improper Input Validation vulnerability in multiple products Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). | 6.5 |
| 2018-12-13 | CVE-2018-19439 | Cross-site Scripting vulnerability in Oracle Secure Global Desktop 4.4 XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). | 6.1 |
| 2018-11-15 | CVE-2018-5407 | Information Exposure Through Discrepancy vulnerability in multiple products Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. | 4.7 |