Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2017-10301	Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 9.1.00 Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal). network low complexity oracle	5.5
2018-01-18	CVE-2017-10282	Unspecified vulnerability in Oracle Database Server 12.1.0.2/12.2.0.1 Vulnerability in the Core RDBMS component of Oracle Database Server. network low complexity oracle	6.5
2018-01-18	CVE-2017-10262	Information Exposure vulnerability in Oracle Access Manager 11.1.2.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). network oracle CWE-200	4.3
2018-01-18	CVE-2017-10068	Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). network low complexity oracle	6.4
2018-01-16	CVE-2016-0215	Improper Input Validation vulnerability in IBM DB2 IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database. network low complexity ibm hp linux microsoft oracle CWE-20	4.0
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	4.7
2017-12-29	CVE-2013-4578	Injection vulnerability in Oracle JDK and JRE jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation. network low complexity oracle CWE-74	5.0
2017-12-18	CVE-2017-17740	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. network low complexity openldap opensuse oracle mcafee CWE-119	5.0
2017-12-01	CVE-2017-15707	Improper Input Validation vulnerability in multiple products In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. network low complexity apache netapp oracle CWE-20	5.0
2017-11-14	CVE-2017-10278	Unspecified vulnerability in Oracle Tuxedo Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). network oracle	6.8