Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2018-2570 Unspecified vulnerability in Oracle Communications Unified Inventory Management 7.2.4.2/7.3
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal).
network
low complexity
oracle
6.3
6.3
2018-01-18 CVE-2018-2567 Unspecified vulnerability in Oracle Communications Order and Service Management
Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: Portal).
network
low complexity
oracle
6.1
6.1
2018-01-18 CVE-2018-2565 Unspecified vulnerability in Oracle Mysql
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle
4.9
4.9
2018-01-18 CVE-2018-2561 Unspecified vulnerability in Oracle Http Server
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener).
network
low complexity
oracle
5.3
5.3
2018-01-18 CVE-2018-2560 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
local
high complexity
oracle
5.0
5.0
2018-01-18 CVE-2017-5699 Improper Input Validation vulnerability in Intel Minnowboard 3 Firmware
Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.
local
low complexity
intel CWE-20
5.5
5.5
2018-01-18 CVE-2017-10273 Path Traversal vulnerability in Oracle Jdeveloper
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment).
local
high complexity
oracle CWE-22
4.7
4.7
2018-01-18 CVE-2017-10262 Information Exposure vulnerability in Oracle Access Manager 11.1.2.3.0
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin).
network
high complexity
oracle CWE-200
5.9
5.9
2018-01-17 CVE-2018-5747 Use After Free vulnerability in multiple products
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c).
local
low complexity
long-range-zip-project debian CWE-416
5.5
5.5
2018-01-17 CVE-2018-5258 Improper Certificate Validation vulnerability in Banconeon Neon 1.6.14
The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
banconeon CWE-295
5.9
5.9