Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-3451 | Unspecified vulnerability in Oracle Retail Open Commerce Platform Cloud Service Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Web). | 5.4 |
| 2017-04-24 | CVE-2017-3331 | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 6.5 |
| 2017-04-24 | CVE-2017-3305 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). | 5.3 |
| 2017-04-24 | CVE-2017-3304 | Unspecified vulnerability in Oracle Mysql Cluster Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: DD). | 5.4 |
| 2017-04-24 | CVE-2017-3288 | Unspecified vulnerability in Oracle Flexcube Investor Servicing Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). | 5.4 |
| 2017-04-24 | CVE-2017-3232 | Unspecified vulnerability in Oracle Automatic Service Request Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). | 5.5 |
| 2017-03-15 | CVE-2015-8896 | Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. | 6.5 |
| 2017-03-15 | CVE-2016-7103 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | 6.1 |
| 2017-01-30 | CVE-2016-2518 | Out-of-bounds Read vulnerability in multiple products The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. | 5.3 |
| 2017-01-30 | CVE-2015-7977 | NULL Pointer Dereference vulnerability in multiple products ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | 5.9 |