Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-25 | CVE-2016-5492 | Improper Access Control vulnerability in Oracle SUN ZFS Storage Appliance KIT Ak2013 Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality and integrity via vectors related to SMB Users. | 7.1 |
| 2016-10-25 | CVE-2016-5491 | Improper Access Control vulnerability in Oracle Commerce Service Center 10.0.3.5/10.2.0.5 Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 8.2 |
| 2016-10-25 | CVE-2016-5489 | Unspecified vulnerability in Oracle Istore Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via vectors related to Runtime Catalog. | 8.2 |
| 2016-10-25 | CVE-2016-5482 | Improper Access Control vulnerability in Oracle Commerce Guided Search Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 8.2 |
| 2016-10-25 | CVE-2016-3505 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.0.0 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces. | 8.8 |
| 2016-10-25 | CVE-2016-3473 | Information Exposure vulnerability in Oracle Business Intelligence Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors. | 7.7 |
| 2016-10-25 | CVE-2016-1000215 | Unspecified vulnerability in Ruckus Wireless H500 Ruckus Wireless H500 web management interface denial of service | 7.5 |
| 2016-10-25 | CVE-2016-1000213 | Cross-Site Request Forgery (CSRF) vulnerability in Ruckus Wireless H500 Ruckus Wireless H500 web management interface CSRF | 8.8 |
| 2016-10-25 | CVE-2016-1000032 | Improper Access Control vulnerability in Python Tgcaptcha2 0.3.0 TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a missing nonce allowing attackers to use a single solved CAPTCHA multiple times. | 7.5 |
| 2016-10-22 | CVE-2016-0328 | Command Injection vulnerability in IBM Security Guardium Database Activity Monitor IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors. | 7.8 |