Vulnerabilities > Oracle > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-18 | CVE-2017-10301 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 9.1.00 Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal). | 5.5 |
2018-01-18 | CVE-2017-10282 | Unspecified vulnerability in Oracle Database Server 12.1.0.2/12.2.0.1 Vulnerability in the Core RDBMS component of Oracle Database Server. | 6.5 |
2018-01-18 | CVE-2017-10262 | Information Exposure vulnerability in Oracle Access Manager 11.1.2.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). | 4.3 |
2018-01-18 | CVE-2017-10068 | Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). | 6.4 |
2018-01-16 | CVE-2016-0215 | Improper Input Validation vulnerability in IBM DB2 IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database. | 4.0 |
2018-01-04 | CVE-2017-5753 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 4.7 |
2017-12-29 | CVE-2013-4578 | Injection vulnerability in Oracle JDK and JRE jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation. | 5.0 |
2017-12-18 | CVE-2017-17740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | 5.0 |
2017-12-01 | CVE-2017-15707 | Improper Input Validation vulnerability in multiple products In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. | 5.0 |
2017-11-14 | CVE-2017-10278 | Unspecified vulnerability in Oracle Tuxedo Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). network oracle | 6.8 |