Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-10-25 CVE-2016-5503 Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT Ak2013
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality, integrity, and availability via vectors related to Core Services.
local
low complexity
oracle
8.2
2016-10-25 CVE-2016-5501 Unspecified vulnerability in Oracle VM Virtualbox
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5538.
local
high complexity
oracle
7.8
2016-10-25 CVE-2016-5500 Information Exposure vulnerability in Oracle Discoverer 11.1.1.7.0
Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to Viewer.
network
low complexity
oracle CWE-200
7.5
2016-10-25 CVE-2016-5495 Improper Access Control vulnerability in Oracle Discoverer 11.1.1.7.0
Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema.
network
low complexity
oracle CWE-284
7.5
2016-10-25 CVE-2016-5492 Improper Access Control vulnerability in Oracle SUN ZFS Storage Appliance KIT Ak2013
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality and integrity via vectors related to SMB Users.
local
low complexity
oracle CWE-284
7.1
2016-10-25 CVE-2016-5491 Improper Access Control vulnerability in Oracle Commerce Service Center 10.0.3.5/10.2.0.5
Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-5489 Unspecified vulnerability in Oracle Istore
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via vectors related to Runtime Catalog.
network
low complexity
oracle
8.2
2016-10-25 CVE-2016-5482 Improper Access Control vulnerability in Oracle Commerce Guided Search
Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
network
low complexity
oracle CWE-284
8.2
2016-10-25 CVE-2016-3505 Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.0.0
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces.
network
low complexity
oracle
8.8
2016-10-25 CVE-2016-3473 Information Exposure vulnerability in Oracle Business Intelligence Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.0.0
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.
network
low complexity
oracle CWE-200
7.7