Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-25 CVE-2016-5600 Improper Access Control vulnerability in Oracle Peoplesoft Enterprise Supply Chain Management Services Procurement 9.1/9.2
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
5.4
2016-10-25 CVE-2016-5598 Improper Access Control vulnerability in Oracle Mysql Connector/Python
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
network
high complexity
oracle CWE-284
5.6
2016-10-25 CVE-2016-5597 Information Exposure vulnerability in Oracle JDK and JRE
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
network
high complexity
oracle CWE-200
5.9
2016-10-25 CVE-2016-5596 Information Exposure vulnerability in Oracle Customer Relationship Management Technical Foundation
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.
network
low complexity
oracle CWE-200
4.3
2016-10-25 CVE-2016-5594 Improper Access Control vulnerability in Oracle Flexcube Universal Banking
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
network
low complexity
oracle CWE-284
5.0
2016-10-25 CVE-2016-5585 Improper Access Control vulnerability in Oracle Interaction Center Intelligence 12.1.1/12.1.2/12.1.3
Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
6.5
2016-10-25 CVE-2016-5584 Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
network
high complexity
oracle mariadb debian
4.4
2016-10-25 CVE-2016-5583 Unspecified vulnerability in Oracle One-To-One Fulfillment
Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect integrity via unknown vectors.
network
low complexity
oracle
5.3
2016-10-25 CVE-2016-5581 Improper Access Control vulnerability in Oracle Irecruitment
Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
low complexity
oracle CWE-284
6.6
2016-10-25 CVE-2016-5576 Improper Access Control vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones.
local
low complexity
oracle CWE-284
5.5