Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-28 | CVE-2016-8339 | Out-of-bounds Write vulnerability in Redislabs Redis A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. | 9.8 |
| 2016-10-28 | CVE-2016-6397 | Improper Authentication vulnerability in Cisco IP Interoperability and Collaboration System A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. | 9.8 |
| 2016-10-27 | CVE-2016-6445 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. | 9.1 |
| 2016-10-25 | CVE-2016-5605 | Improper Access Control vulnerability in Oracle VM Virtualbox Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE. | 9.1 |
| 2016-10-25 | CVE-2016-5599 | Improper Access Control vulnerability in Oracle Advanced Supply Chain Planning 12.2.3/12.2.4/12.2.5 Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt. | 9.1 |
| 2016-10-25 | CVE-2016-5582 | Improper Access Control vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573. | 9.6 |
| 2016-10-25 | CVE-2016-5580 | Improper Access Control vulnerability in Oracle Secure Global Desktop 4.7/5.2 Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services. | 9.6 |
| 2016-10-25 | CVE-2016-5568 | Improper Access Control vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | 9.6 |
| 2016-10-25 | CVE-2016-5556 | Improper Access Control vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. | 9.6 |
| 2016-10-25 | CVE-2016-5555 | Unspecified vulnerability in Oracle Database Server 11.2.0.4/12.1.0.2 Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. | 9.1 |