CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2018-2691 Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 ... | N/A | NONE | — | 0 |
| CVE-2017-7326 Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page | N/A | NONE | — | 0 |
| CVE-2018-2692 Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6... | N/A | NONE | — | 0 |
| CVE-2018-2693 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Guest Additions). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploi... | N/A | NONE | — | 0 |
| CVE-2018-2694 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulne... | N/A | NONE | — | 0 |
| CVE-2018-2695 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Query). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable v... | N/A | NONE | — | 0 |
| CVE-2018-6576 SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter. | N/A | NONE | — | 0 |
| CVE-2018-2696 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily explo... | N/A | NONE | — | 0 |
| CVE-2018-2697 Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.... | N/A | NONE | — | 0 |
| CVE-2018-2698 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulne... | N/A | NONE | — | 0 |
| CVE-2018-2699 Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is Prior to 5.1.4.00.08. Easily exploitable vulnerability allows unauthenticated at... | N/A | NONE | — | 0 |
| CVE-2017-7327 Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll. | N/A | NONE | — | 0 |
| CVE-2018-2701 Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.... | N/A | NONE | — | 0 |
| CVE-2018-2702 Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerabil... | N/A | NONE | — | 0 |
| CVE-2018-2703 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily explo... | N/A | NONE | — | 0 |
| CVE-2018-2704 Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily explo... | N/A | NONE | — | 0 |
| CVE-2018-5958 In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from ... | N/A | NONE | — | 0 |
| CVE-2018-2705 Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily explo... | N/A | NONE | — | 0 |
| CVE-2018-2706 Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0 and 12.4.0. Easil... | N/A | NONE | — | 0 |
| CVE-2018-2707 Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0 and 12.4.0. Easil... | N/A | NONE | — | 0 |
| CVE-2018-2708 Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Difficult to... | N/A | NONE | — | 0 |
| CVE-2018-6002 The Soundy Background Music plugin 3.9 and below for WordPress has Cross-Site Scripting via soundy-background-music\templates\front-end.php (war_soundy_preview parameter). | N/A | NONE | — | 0 |
| CVE-2018-2709 Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0 and 12.4.0. Diffi... | N/A | NONE | — | 0 |
| CVE-2018-2710 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 10. Easily exploitable vulnerability allows unauthenticate... | N/A | NONE | — | 0 |
| CVE-2018-2711 Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0... | N/A | NONE | — | 0 |
| CVE-2018-2712 Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is ... | N/A | NONE | — | 0 |
| CVE-2018-6014 Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. To exploit this issue, an atta... | N/A | NONE | — | 0 |
| CVE-2018-2713 Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.... | N/A | NONE | — | 0 |
| CVE-2018-2714 Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily e... | N/A | NONE | — | 0 |
| CVE-2018-2715 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). Supported versions that are affected are 12.2.1.2.0 and... | N/A | NONE | — | 0 |
| CVE-2018-2716 Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is ... | N/A | NONE | — | 0 |
| CVE-2018-2717 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allow... | N/A | NONE | — | 0 |
| CVE-2018-2719 Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is af... | N/A | NONE | — | 0 |
| CVE-2018-2720 Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8... | N/A | NONE | — | 0 |
| CVE-2018-2721 Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected i... | N/A | NONE | — | 0 |
| CVE-2018-14971 An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS. | N/A | NONE | — | 0 |
| CVE-2018-2722 Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected i... | N/A | NONE | — | 0 |
| CVE-2018-2723 Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6... | N/A | NONE | — | 0 |
| CVE-2018-2724 Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is ... | N/A | NONE | — | 0 |
| CVE-2018-2725 Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is af... | 8.1 | HIGH | — | 0 |
| CVE-2018-1000010 Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jen... | N/A | NONE | — | 0 |
| CVE-2018-2726 Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily e... | N/A | NONE | — | 0 |
| CVE-2018-2727 Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is ... | N/A | NONE | — | 0 |
| CVE-2018-2728 Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x... | N/A | NONE | — | 0 |
| CVE-2018-2729 Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x... | N/A | NONE | — | 0 |
| CVE-2018-2730 Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar). The supported version that is affected is 16.0. Easily exploitable vulnera... | N/A | NONE | — | 0 |
| CVE-2018-2731 Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Supported versions that are affected are 9.1 and 9.2. Eas... | N/A | NONE | — | 0 |
| CVE-2018-2732 Vulnerability in the Oracle Financial Services Analytical Applications Reconciliation Framework component of Oracle Financial Services Applications (subcomponent: User Interface). The supported versio... | 6.1 | MEDIUM | — | 0 |
| CVE-2018-2733 Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported version that is affected is 11.1.2.4.007. Difficult to exploit vulnerability allows h... | N/A | NONE | — | 0 |
| CVE-2018-6577 SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.