Latest CVE Feed
-
8.7
HIGHCVE-2017-10372
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows high privileged attacker with network... Read more
Affected Products : hospitality_guest_access- EPSS Score: %0.35
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-10341
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.7. Difficult to exploit vulnerability allows unauthenticated attacker w... Read more
- EPSS Score: %0.62
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-10206
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access v... Read more
- EPSS Score: %0.55
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-10188
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite 8/Android). The supported version that is affected is 1.01. Easily exploitable vulnerability allows low privileged attacker with logon to the i... Read more
Affected Products : hospitality_hotel_mobile- EPSS Score: %0.12
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-10154
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access ... Read more
Affected Products : access_manager- EPSS Score: %0.51
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2015-5946
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.... Read more
- EPSS Score: %0.36
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.1
HIGHCVE-2017-10085
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily e... Read more
Affected Products : flexcube_universal_banking- EPSS Score: %0.67
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
8.2
HIGHCVE-2017-10048
Vulnerability in the Oracle Enterprise Repository component of Oracle Fusion Middleware (subcomponent: Web Interface). Supported versions that are affected are 11.1.1.7.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker wit... Read more
Affected Products : enterprise_repository- EPSS Score: %1.61
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
7.2
HIGHCVE-2017-1002025
Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement.... Read more
Affected Products : add-edit-delete-listing-for-member-module- EPSS Score: %0.93
- Published: Sep. 14, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-1002014
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter.... Read more
Affected Products : image-gallery-with-slideshow- EPSS Score: %6.01
- Published: Sep. 14, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-1002013
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php.... Read more
Affected Products : image-gallery-with-slideshow- EPSS Score: %6.01
- Published: Sep. 14, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-1002012
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.... Read more
Affected Products : image-gallery-with-slideshow- EPSS Score: %10.33
- Published: Sep. 14, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-10017
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Workcenter). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with networ... Read more
Affected Products : peoplesoft_enterprise_peopletools- EPSS Score: %0.46
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
8.3
HIGHCVE-2017-10013
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is AK 2013. Difficult to exploit vulnerability allows unauthenticated attacker wi... Read more
- EPSS Score: %1.92
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-1001001
PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges.... Read more
Affected Products : pluxml- EPSS Score: %0.21
- Published: Nov. 01, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-10011
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low pr... Read more
Affected Products : flexcube_private_banking- EPSS Score: %0.12
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-1000066
The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information.... Read more
Affected Products : keepass- EPSS Score: %0.60
- Published: Jul. 17, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-1000372
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.... Read more
- EPSS Score: %5.37
- Published: Jun. 19, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-1000235
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised.... Read more
Affected Products : i_librarian- EPSS Score: %11.63
- Published: Nov. 17, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-1000210
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack... Read more
Affected Products : picotcp- EPSS Score: %0.82
- Published: Nov. 17, 2017
- Modified: Apr. 20, 2025