CVE Daily
← All tags

Tag: Unauthenticated/Unauthorized Access

All CVEs associated with "Unauthenticated/Unauthorized Access". Page 108/128 • 15319 CVEs.

Subscribe CVEs: RSS for “Unauthenticated/Unauthorized Access”  ·  RSS (High+Critical only)

About “Unauthenticated/Unauthorized Access”

A curated feed of “Unauthenticated/Unauthorized Access”-related CVEs appears below. We currently track 15319 CVEs for this tag (all time). In the last 365 days, 3827 were published. Average CVSS is 7.4 (all time; 7.4 over 365d), and 61% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-862 - Missing Authorization, CWE-306 - Missing Authentication for Critical Function, CWE-639 - Authorization Bypass Through User-Controlled Key.

In our taxonomy this topic maps to a HIGH impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2018-07-20
High

CVE-2014-2296

XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows rem…

CVSS: 8.8 CWE: CWE-611 - Improper Restriction of XML External Entity Reference View on NVD
Medium

CVE-2018-1679

IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Forc…

CVSS: 5.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2018-07-18
High

CVE-2018-3104

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3103

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3102

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-3101

Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: Portlet Services). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Ea…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2018-3100

Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: Process Analysis & Discovery). Supported versions that are affected are 11.1.1.7.0,…

CVSS: 9.1 CWE: N/A View on NVD
High

CVE-2018-3099

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3098

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3097

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3096

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3095

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3094

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3093

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3092

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-3091

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 6.3 CWE: N/A View on NVD
High

CVE-2018-3090

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-3089

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-3088

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-3087

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-3086

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.6 CWE: N/A View on NVD
High

CVE-2018-3085

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 8.5 CWE: N/A View on NVD
Medium

CVE-2018-3072

Vulnerability in the PeopleSoft HRMS component of Oracle PeopleSoft Products (subcomponent: Candidate Gateway). The supported version that is affected is 9.2. Easily exploitable vulnerability allows…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3068

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Compensation). The supported version that is affected is 9.2. Easily exploitable…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-3055

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3051

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affect…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2018-3050

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0,…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3047

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affect…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3046

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0,…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3039

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affect…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3038

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0,…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3035

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3033

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3029

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3027

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3025

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3021

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-3018

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3017

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4,…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3015

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-3014

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Reports). The supported version that is affected is 5.5.x. Easily exploit…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-3013

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Report Server Config). The supported version that is affected is 5.5.x. E…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2018-3012

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3010

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3009

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-3008

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulne…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-3007

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability all…

CVSS: 8.6 CWE: N/A View on NVD
Medium

CVE-2018-3006

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-3005

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2018-3004

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileg…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-3003

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affect…

CVSS: 6.2 CWE: N/A View on NVD
High

CVE-2018-3002

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affect…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-3001

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is…

CVSS: 6.2 CWE: N/A View on NVD
High

CVE-2018-3000

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-2999

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2997

Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Script Author). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulner…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-2996

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 1…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2018-2995

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-2994

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-2993

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Preferences). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4,…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-2992

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnera…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2018-2991

Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-2990

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Difficult to…

CVSS: 7.4 CWE: N/A View on NVD
High

CVE-2018-2989

Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unau…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-2988

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Products). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 an…

CVSS: 6.9 CWE: N/A View on NVD
Medium

CVE-2018-2987

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Console). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily e…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2986

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Workflow). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vul…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2985

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Workflow). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vul…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2984

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Gangway Activity Web App). The supported version that is affected is…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-2982

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-2978

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to e…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2018-2977

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Easily explo…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2018-2976

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Networking). The supported version that is affected is 12.2.2. Easily exploitab…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2018-2975

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-2973

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u…

CVSS: 5.9 CWE: N/A View on NVD
Medium

CVE-2018-2972

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated…

CVSS: 5.9 CWE: N/A View on NVD
Medium

CVE-2018-2968

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vu…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-2967

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vu…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-2966

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vu…

CVSS: 7.4 CWE: N/A View on NVD
Medium

CVE-2018-2965

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). The supported version that is affected is 16.x. Easily exploitable vulnerability al…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2964

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unau…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2018-2961

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2960

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2959

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). The supported version that is affected is 18.0. Easily exploitable vulnerability allows unauthenti…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2018-2958

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2018-2957

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Logging). The supported version that is affected is 5.5.x. Easily exploit…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2018-2956

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Difficult…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-2955

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Easily exp…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-2953

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4,…

CVSS: 8.2 CWE: N/A View on NVD
Low

CVE-2018-2952

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java…

CVSS: 3.7 CWE: N/A View on NVD
Medium

CVE-2018-2951

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Configuration Manager). Supported versions that are affected are 8.55 and 8.56. Easily ex…

CVSS: 6.2 CWE: N/A View on NVD
Medium

CVE-2018-2950

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2949

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2948

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2947

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-2946

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2018-2945

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerabilit…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2944

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitab…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2018-2943

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily e…

CVSS: 9.8 CWE: N/A View on NVD
High

CVE-2018-2942

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unau…

CVSS: 8.3 CWE: N/A View on NVD
High

CVE-2018-2941

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows u…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2018-2940

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedde…

CVSS: 4.3 CWE: N/A View on NVD
Critical

CVE-2018-2938

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows u…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2018-2937

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.19. Easil…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-2936

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications (subcomponent: Web Client). The supported version that is affected is 3.x. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2935

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JSF). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily explo…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2018-2934

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). The supported version that is affected is 12.1.3. Easily exploit…

CVSS: 5.3 CWE: CWE-665 - Improper Initialization View on NVD
High

CVE-2018-2932

Vulnerability in the Oracle SuperCluster Specific Software component of Oracle Sun Systems Products Suite (subcomponent: SuperCluster Virtual Assistant). The supported version that is affected is Pri…

CVSS: 7.1 CWE: N/A View on NVD
Critical

CVE-2018-2930

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulne…

CVSS: 9.8 CWE: N/A View on NVD
Medium

CVE-2018-2929

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.55 and 8.56. Easily expl…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2928

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticate…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2018-2925

Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2018-2921

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.18. Easil…

CVSS: 5.8 CWE: N/A View on NVD
Medium

CVE-2018-2919

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Unified Navigation). Supported versions that are affected are 8.55 and 8.56. Easily explo…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2918

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Diffi…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2018-2917

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easil…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2018-2915

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version that is affected is 11.1.2.4.330. Easily exploitable…

CVSS: 5.8 CWE: N/A View on NVD
High

CVE-2018-2907

Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1.2. Easily exploitable vulnerability allo…

CVSS: 8.6 CWE: N/A View on NVD
Low

CVE-2018-2906

Vulnerability in the Hardware Management Pack component of Oracle Sun Systems Products Suite (subcomponent: Ipmitool). The supported version that is affected is 11.3. Difficult to exploit vulnerabili…

CVSS: 3.7 CWE: N/A View on NVD
Medium

CVE-2018-2905

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily…

CVSS: 5.3 CWE: N/A View on NVD