Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-3115 Unspecified vulnerability in Oracle Retail Sales Audit 15.0/16.0
Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights).
network
high complexity
oracle
7.7
2018-10-17 CVE-2018-3011 Unspecified vulnerability in Oracle Trade Management
Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface).
network
low complexity
oracle
8.2
2018-10-17 CVE-2018-2914 NULL Pointer Dereference vulnerability in Oracle Goldengate 12.1.2.1.0/12.2.0.2.0/12.3.0.1.0
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager).
network
low complexity
oracle CWE-476
7.5
2018-10-17 CVE-2018-2912 NULL Pointer Dereference vulnerability in Oracle Goldengate 12.1.2.1.0/12.2.0.2.0/12.3.0.1.0
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager).
network
low complexity
oracle CWE-476
7.5
2018-10-17 CVE-2018-2911 Unspecified vulnerability in Oracle Glassfish Server 3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces).
network
low complexity
oracle
8.3
2018-10-17 CVE-2018-2909 Unspecified vulnerability in Oracle VM Virtualbox
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).
local
low complexity
oracle
8.6
2018-10-17 CVE-2018-2889 Unspecified vulnerability in Oracle Micros Retail-J 12.1.2
Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations).
network
low complexity
oracle
7.5
2018-10-16 CVE-2018-14772 OS Command Injection vulnerability in Pydio
Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection.
network
low complexity
pydio CWE-78
7.2
2018-10-16 CVE-2018-11025 Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash.
network
low complexity
amazon CWE-88
7.5
2018-10-16 CVE-2018-11024 Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash.
network
low complexity
amazon CWE-88
7.5