Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2016-5623 7PK - Security Features vulnerability in Oracle Flexcube Private Banking 12.0.1/2.0.1/2.2.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search).
network
low complexity
oracle CWE-254
5.4
2017-01-27 CVE-2016-5614 Information Exposure vulnerability in Oracle Flexcube Private Banking 12.0.1/2.0.1/2.2.0
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search).
network
low complexity
oracle CWE-200
4.3
2017-01-27 CVE-2016-5552 Unspecified vulnerability in Oracle Jdk, JRE and Jrockit
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
low complexity
oracle
5.3
2017-01-27 CVE-2016-5549 Unspecified vulnerability in Oracle JDK and JRE
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle
6.5
2017-01-27 CVE-2016-5548 Unspecified vulnerability in Oracle JDK and JRE
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle
6.5
2017-01-27 CVE-2016-5547 Unspecified vulnerability in Oracle Jdk, JRE and Jrockit
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle
5.3
2017-01-27 CVE-2016-5545 7PK - Security Features vulnerability in Oracle VM Virtualbox
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI).
network
low complexity
oracle CWE-254
6.3
2017-01-27 CVE-2016-5541 Unspecified vulnerability in Oracle Mysql Cluster
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI).
network
high complexity
oracle
4.8
2017-01-23 CVE-2016-4055 Resource Exhaustion vulnerability in multiple products
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
network
low complexity
momentjs tenable oracle CWE-400
6.5
2016-12-13 CVE-2016-7440 The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
local
low complexity
mariadb oracle wolfssl debian
5.5