Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-16 CVE-2018-11212 Divide By Zero vulnerability in multiple products
An issue was discovered in libjpeg 9a and 9d.
4.3
2018-05-11 CVE-2018-1258 Incorrect Authorization vulnerability in multiple products
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security.
6.5
2018-05-11 CVE-2018-1257
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware redhat oracle
4.0
2018-05-07 CVE-2018-1313
In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control.
network
high complexity
apache oracle
5.3
2018-04-26 CVE-2018-10237 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
network
high complexity
google redhat oracle CWE-770
5.9
2018-04-19 CVE-2018-2879 Unspecified vulnerability in Oracle Access Manager 11.1.2.3.0/12.2.1.3.0
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine).
network
oracle
6.8
2018-04-19 CVE-2018-2878 Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Shared Components 9.2
Vulnerability in the PeopleSoft Enterprise HCM Shared Components component of Oracle PeopleSoft Products (subcomponent: Notepad).
network
oracle
5.8
2018-04-19 CVE-2018-2876 Unspecified vulnerability in Oracle Retail Integration BUS 13.2
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)).
network
oracle
6.8
2018-04-19 CVE-2018-2873 Unspecified vulnerability in Oracle E-Business Suite
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager).
network
low complexity
oracle
5.0
2018-04-19 CVE-2018-2872 Unspecified vulnerability in Oracle E-Business Suite
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager).
network
low complexity
oracle
5.0