CVE Daily
← All tags

Tag: Unauthenticated/Unauthorized Access

All CVEs associated with "Unauthenticated/Unauthorized Access". Page 106/128 • 15320 CVEs.

Subscribe CVEs: RSS for “Unauthenticated/Unauthorized Access”  ·  RSS (High+Critical only)

About “Unauthenticated/Unauthorized Access”

A curated feed of “Unauthenticated/Unauthorized Access”-related CVEs appears below. We currently track 15320 CVEs for this tag (all time). In the last 365 days, 3827 were published. Average CVSS is 7.4 (all time; 7.4 over 365d), and 61% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-862 - Missing Authorization, CWE-306 - Missing Authentication for Critical Function, CWE-639 - Authorization Bypass Through User-Controlled Key.

In our taxonomy this topic maps to a HIGH impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2018-10-17
Medium

CVE-2018-3281

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3275

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LibKMIP). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthen…

CVSS: 7.4 CWE: N/A View on NVD
High

CVE-2018-3273

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon (RAD)). The supported version that is affected is 11.3. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3272

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones Virtualized NIC Driver). The supported version that is affected is 11.3. Easily exploitable vul…

CVSS: 6.2 CWE: N/A View on NVD
Medium

CVE-2018-3268

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthe…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3267

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LFTP). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticat…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3265

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zones). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenti…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2018-3263

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Sudo). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthentic…

CVSS: 5.6 CWE: N/A View on NVD
Medium

CVE-2018-3262

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Stylesheet). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploit…

CVSS: 4.7 CWE: N/A View on NVD
Medium

CVE-2018-3261

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2018-3259

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticate…

CVSS: 9.8 CWE: N/A View on NVD
Medium

CVE-2018-3257

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.55 and 8.56. Easily expl…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3256

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5,…

CVSS: 4.7 CWE: N/A View on NVD
Medium

CVE-2018-3255

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3254

Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Ea…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2018-3252

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily…

CVSS: 9.8 CWE: N/A View on NVD
Medium

CVE-2018-3250

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerabil…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3249

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerabil…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-3248

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerabil…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2018-3246

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitabl…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2018-3245

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily…

CVSS: 9.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD
Medium

CVE-2018-3244

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4,…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3243

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: None). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easil…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3242

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Marketing Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 1…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-3241

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3239

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Easily explo…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3238

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability a…

CVSS: 6.9 CWE: N/A View on NVD
Medium

CVE-2018-3237

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Support Cart). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3236

Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Reports). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. E…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2018-3235

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: None). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7.…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3234

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3233

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3232

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3231

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3230

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3229

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3228

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3227

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3226

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3225

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3224

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3223

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3222

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3221

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3220

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3219

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3218

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3217

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-3215

Vulnerability in the Oracle Endeca Information Discovery Integrator component of Oracle Fusion Middleware (subcomponent: Integrator ETL). Supported versions that are affected are 3.1.0 and 3.2.0. Eas…

CVSS: 5.4 CWE: N/A View on NVD
Medium

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded:…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3213

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Docker Images). The supported version that is affected is prior to Docker 12.2.1.3.20180913. Easily ex…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2018-3211

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serviceability). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181. Eas…

CVSS: 6.6 CWE: N/A View on NVD
Medium

CVE-2018-3210

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3209

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated at…

CVSS: 8.3 CWE: N/A View on NVD
High

CVE-2018-3208

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). The supported version that is affected is 11.1.2.4.345. Easily exploitable…

CVSS: 7.7 CWE: N/A View on NVD
Medium

CVE-2018-3207

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulne…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3206

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulne…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3205

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Workflow). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3204

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Server). The supported version that is affected is 12.2.1.3.0. Easi…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-3202

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.55 and 8.56. Easily expl…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2018-3201

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerabi…

CVSS: 9.8 CWE: N/A View on NVD
Medium

CVE-2018-3198

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2018-3197

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). The supported version that is affected is 12.1.3.0. Easily exploitable vulnerabi…

CVSS: 9.8 CWE: N/A View on NVD
High

CVE-2018-3196

Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dashboard). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4,…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-3194

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Activity Guide). Supported versions that are affected are 8.55 and 8.56. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3193

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Activity Guide). Supported versions that are affected are 8.55 and 8.56. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
Critical

CVE-2018-3191

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily…

CVSS: 9.8 CWE: N/A View on NVD
High

CVE-2018-3190

Vulnerability in the Oracle E-Business Intelligence component of Oracle E-Business Suite (subcomponent: Overview Page/Report Rendering). Supported versions that are affected are 12.1.1, 12.1.2 and 12…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3189

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: Outcome-Result). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easil…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3188

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Web interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6…

CVSS: 8.2 CWE: N/A View on NVD
Critical

CVE-2018-3183

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181;…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2018-3181

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC ENOAD). The supported version that is affected is 8…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedde…

CVSS: 5.6 CWE: N/A View on NVD
High

CVE-2018-3179

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploit…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2018-3178

Vulnerability in the Hyperion Common Events component of Oracle Hyperion (subcomponent: User Interface). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows un…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3177

Vulnerability in the Hyperion Common Events component of Oracle Hyperion (subcomponent: User Interface). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows un…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3176

Vulnerability in the Hyperion Common Events component of Oracle Hyperion (subcomponent: User Interface). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows un…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3175

Vulnerability in the Hyperion Common Events component of Oracle Hyperion (subcomponent: User Interface). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows un…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3172

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.4. Easily exploitable vulnerability allows unauthen…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3169

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Dif…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2018-3167

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite (subcomponent: User Monitoring). Supported versions that are affected are 12.1.3, 12.…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3164

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Elastic Search). Supported versions that are affected are 8.55 and 8.56. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3163

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-3159

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Sender and Receiver). The supported version that is affected is 9.0. Easily…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3158

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.…

CVSS: 7.1 CWE: N/A View on NVD
Low

CVE-2018-3157

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attack…

CVSS: 3.7 CWE: N/A View on NVD
Medium

CVE-2018-3154

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulne…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3153

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.55, 8.56 and 8.57. Easil…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability al…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2018-3151

Vulnerability in the Oracle iProcurement component of Oracle E-Business Suite (subcomponent: E-Content Manager Catalog). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.…

CVSS: 7.5 CWE: N/A View on NVD
Low

CVE-2018-3150

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated atta…

CVSS: 3.7 CWE: N/A View on NVD
High

CVE-2018-3149

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedde…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2018-3148

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 a…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3147

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploita…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2018-3146

Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). Supported versions that are affected are 6.1 and 6.2. Easily exploitable vulnerability allo…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-3144

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to explo…

CVSS: 5.9 CWE: N/A View on NVD
High

CVE-2018-3142

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerab…

CVSS: 7.7 CWE: N/A View on NVD
Medium

CVE-2018-3141

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerab…

CVSS: 5.8 CWE: N/A View on NVD
Medium

CVE-2018-3140

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion (subcomponent: EAS Console). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerab…

CVSS: 6.1 CWE: N/A View on NVD
Low

CVE-2018-3139

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded:…

CVSS: 3.1 CWE: N/A View on NVD
High

CVE-2018-3138

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4,…

CVSS: 8.2 CWE: N/A View on NVD
Low

CVE-2018-3136

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u…

CVSS: 3.4 CWE: N/A View on NVD
Medium

CVE-2018-3135

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulne…

CVSS: 4.7 CWE: N/A View on NVD
Medium

CVE-2018-3132

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Rich Text Editor). Supported versions that are affected are 8.55 and 8.56. Easily exploit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3131

Vulnerability in the Oracle Hospitality Gift and Loyalty component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3129

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2018-3128

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability all…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3127

Vulnerability in the Oracle Demantra Demand Management component of Oracle Supply Chain Products Suite (subcomponent: Product Security). Supported versions that are affected are 7.3.5 and 12.2. Easil…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2018-3122

Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult…

CVSS: 6.8 CWE: N/A View on NVD
High

CVE-2018-3115

Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights). Supported versions that are affected are 15.0 and 16.0. Difficult to explo…

CVSS: 7.7 CWE: N/A View on NVD
Medium

CVE-2018-3059

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 18.7, 18.8 and 18.9. Easily exploitable vulnerability all…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3011

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-2914

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulne…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Critical

CVE-2018-2913

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploi…

CVSS: 10.0 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2018-2912

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulne…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability…

CVSS: 8.3 CWE: N/A View on NVD
High

CVE-2018-2909

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-2889

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Internal Operations). The supported version that is affected is 12.1.2. Easily exploitable vulnerability al…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2018-2887

Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Supported versions that are affected are 13.0.0 and 12.1.2. Easily exploitable vulnerability…

CVSS: 6.5 CWE: N/A View on NVD
2018-10-12
Medium

CVE-2018-10141

GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD