Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2016-5541 | Unspecified vulnerability in Oracle Mysql Cluster Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). | 4.8 |
| 2017-01-23 | CVE-2016-4055 | Resource Exhaustion vulnerability in multiple products The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)." | 6.5 |
| 2016-12-13 | CVE-2016-7440 | The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. | 5.5 |
| 2016-12-09 | CVE-2015-8786 | Resource Management Errors vulnerability in multiple products The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter. | 6.5 |
| 2016-10-25 | CVE-2016-8295 | Information Exposure vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Time and Labor 9.2 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors. | 4.3 |
| 2016-10-25 | CVE-2016-8294 | Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors. | 4.3 |
| 2016-10-25 | CVE-2016-8292 | Improper Access Control vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Talent Acquisition Manager 9.2 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Talent Acquisition Manager. | 4.2 |
| 2016-10-25 | CVE-2016-8290 | Unspecified vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. | 4.4 |
| 2016-10-25 | CVE-2016-8289 | Permissions, Privileges, and Access Controls vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. | 4.7 |
| 2016-10-25 | CVE-2016-8287 | Unspecified vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. | 4.5 |