CVEs from 2017
- Total: 11,681
- critical: 1,647
- high: 5,041
- medium: 4,168
- low: 159
- % Critical: 14.1%
- % with KEV: 0.7%
- % with exploit: 9.8%
Top vendors
Top products
- imagemagick 1,426
- joomla! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-3332 | high | 8.4 | 8.4 | 10y ago | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: VirtualBox SVGA Emulation). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior t… | |||
| CVE-2017-10146 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulne… | |||
| CVE-2017-10116 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedde… | |||
| CVE-2017-10114 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthent… | |||
| CVE-2017-10074 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. … | |||
| CVE-2017-10061 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily explo… | |||
| CVE-2017-10013 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is AK 2013. Difficult to … | |||
| CVE-2017-11657 | high | 7.3 | 8.3 | 9y ago | Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory. | |||
| CVE-2017-1297 | high | 7.3 | 8.3 | 9y ago | IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a loca… | |||
| CVE-2017-7180 | high | 7.3 | 8.3 | 9y ago | Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented "Block applications" design goal. The local attacker must have privi… | |||
| CVE-2017-8914 | high | 8.3 | 8.3 | 9y ago | sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694. | |||
| CVE-2017-0233 | high | 8.3 | 8.3 | 9y ago | An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulner… | |||
| CVE-2017-3580 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: RAS subsystems). The supported version that is affected is AK 2013. Difficult to … | |||
| CVE-2017-3514 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unaut… | |||
| CVE-2017-3512 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthentica… | |||
| CVE-2017-3306 | high | 8.3 | 8.3 | 9y ago | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3… | |||
| CVE-2017-2319 | high | 8.3 | 8.3 | 9y ago | A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker to compromise the systems confidentiality or integrity withou… | |||
| CVE-2017-7358 | high | 7.3 | 8.3 | 9y ago | In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user … | |||
| CVE-2017-3260 | high | 8.3 | 8.3 | 10y ago | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthentica… | |||
| CVE-2017-12350 | high | 8.2 | 8.2 | 9y ago | A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulne… | |||
| CVE-2017-12636 | high | 7.2 | 8.2 | 9y ago | multiple issues in couchdb | |||
| CVE-2017-2895 | high | 8.2 | 8.2 | 9y ago | An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bou… | |||
| CVE-2017-3446 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2… | |||
| CVE-2017-3445 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2… | |||
| CVE-2017-3444 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2… | |||
| CVE-2017-10417 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Setup and Configuration). Supported versions that are affected are 12.2.3, 12.2.4, 12.2.5, … | |||
| CVE-2017-10416 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: Setup and Configuration). Supported versions that are affected are 12.2.3, 12.2.4, 12.2.5, … | |||
| CVE-2017-10415 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Others). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 1… | |||
| CVE-2017-10414 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Checkout and Order Placement). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, … | |||
| CVE-2017-10413 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite (subcomponent: Multiplatform Based on HTML5). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12… | |||
| CVE-2017-10412 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, … | |||
| CVE-2017-10411 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, … | |||
| CVE-2017-10410 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: Search). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, … | |||
| CVE-2017-10409 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Merchant UI). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 an… | |||
| CVE-2017-10360 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Eas… | |||
| CVE-2017-10354 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal). The supported version that is affected is 9.1.00. Easily exp… | |||
| CVE-2017-10338 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal). The supported version that is affected is 9.1.00. Easily exp… | |||
| CVE-2017-10326 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 1… | |||
| CVE-2017-10325 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent: Applications Calendar). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 1… | |||
| CVE-2017-10323 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite (subcomponent: Application Service). Supported versions that are affected are 12.1.1, 12.1.2, 12.1… | |||
| CVE-2017-10303 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite (subcomponent: Setup). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily expl… | |||
| CVE-2017-10270 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Identity Manager Connector component of Oracle Fusion Middleware (subcomponent: Microsoft Active Directory). The supported version that is affected is 9.1.1.5.0. Easily ex… | |||
| CVE-2017-10263 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows un… | |||
| CVE-2017-10190 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged att… | |||
| CVE-2017-10060 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web General). Supported versions that are affected are 11.1.1.7.0, … | |||
| CVE-2017-10050 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable … | |||
| CVE-2017-10034 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Core Formatting API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploita… | |||
| CVE-2017-10026 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows… | |||
| CVE-2017-9625 | high | 8.2 | 8.2 | 9y ago | An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view informat… | |||
| CVE-2017-1000119 | high | 7.2 | 8.2 | 9y ago | October CMS PHP Code Execution | |||
| CVE-2017-11321 | high | 7.2 | 8.2 | 9y ago | The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command. | |||
| CVE-2017-12069 | high | 8.2 | 8.2 | 9y ago | An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7… | |||
| CVE-2017-1192 | high | 8.2 | 8.2 | 9y ago | IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive … | |||
| CVE-2017-3752 | high | 8.2 | 8.2 | 9y ago | An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation fla… | |||
| CVE-2017-11154 | high | 7.2 | 8.2 | 9y ago | Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type paramete… | |||
| CVE-2017-10214 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, … | |||
| CVE-2017-10199 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Pages). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticat… | |||
| CVE-2017-10196 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3.0. Easily exploitable vulne… | |||
| CVE-2017-10191 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Web Analytics component of Oracle E-Business Suite (subcomponent: Common Libraries). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.… | |||
| CVE-2017-10185 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and … | |||
| CVE-2017-10180 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: CMRO). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Eas… | |||
| CVE-2017-10174 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Service Request). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and … | |||
| CVE-2017-10171 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Home Page). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.… | |||
| CVE-2017-10170 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless/WAP). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vul… | |||
| CVE-2017-10156 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2… | |||
| CVE-2017-10143 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2… | |||
| CVE-2017-10141 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3.0. Easily exploitable vulne… | |||
| CVE-2017-10113 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12… | |||
| CVE-2017-10112 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and … | |||
| CVE-2017-10075 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Eas… | |||
| CVE-2017-10048 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle Enterprise Repository component of Oracle Fusion Middleware (subcomponent: Web Interface). Supported versions that are affected are 11.1.1.7.0 and 12.1.3.0.0. Easily explo… | |||
| CVE-2017-10043 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable v… | |||
| CVE-2017-10040 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.1.0. Easily exploita… | |||
| CVE-2017-10035 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerabilit… | |||
| CVE-2017-10030 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unaut… | |||
| CVE-2017-10029 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unaut… | |||
| CVE-2017-10028 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unaut… | |||
| CVE-2017-10025 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability a… | |||
| CVE-2017-10024 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows una… | |||
| CVE-2017-7682 | high | 8.2 | 8.2 | 9y ago | Apache OpenMeetings vulnerable to parameter manipulation attacks | |||
| CVE-2017-6707 | high | 8.2 | 8.2 | 9y ago | A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Cor… | |||
| CVE-2017-2295 | high | 8.2 | 8.2 | 9y ago | Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization i… | |||
| CVE-2017-1322 | high | 8.2 | 8.2 | 9y ago | IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive informat… | |||
| CVE-2017-1000368 | high | 8.2 | 8.2 | 9y ago | Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command executio… | |||
| CVE-2017-1289 | high | 8.2 | 8.2 | 9y ago | IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive inform… | |||
| CVE-2017-8912 | high | 7.2 | 8.2 | 9y ago | CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTa… | |||
| CVE-2017-3625 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.7, 11.1.1.9, 12.2.1.0, 12.2.1.1 and… | |||
| CVE-2017-3564 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privile… | |||
| CVE-2017-3545 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Blob Server). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2… | |||
| CVE-2017-3541 | high | 8.2 | 8.2 | 9y ago | Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Server). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. E… | |||
| CVE-2017-6554 | high | 7.2 | 8.2 | 9y ago | pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privil… | |||
| CVE-2017-6088 | high | 7.2 | 8.2 | 9y ago | Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (… | |||
| CVE-2017-2683 | high | 8.2 | 8.2 | 9y ago | A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtainin… | |||
| CVE-2017-6098 | high | 7.2 | 8.2 | 9y ago | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parame… | |||
| CVE-2017-6097 | high | 7.2 | 8.2 | 9y ago | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the PO… | |||
| CVE-2017-6096 | high | 7.2 | 8.2 | 9y ago | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Param… | |||
| CVE-2017-5992 | high | 8.2 | 8.2 | 9y ago | Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document. | |||
| CVE-2017-3443 | high | 8.2 | 8.2 | 10y ago | Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 1… | |||
| CVE-2017-3442 | high | 8.2 | 8.2 | 10y ago | Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easil… | |||
| CVE-2017-3441 | high | 8.2 | 8.2 | 10y ago | Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easil… |