CVE-2017-15095
- EPSS 8.41%
- Veröffentlicht 06.02.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:03
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMappe...
CVE-2018-2680
- EPSS 1.69%
- Veröffentlicht 18.01.2018 02:29:22
- Zuletzt bearbeitet 21.11.2024 04:04:13
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...
CVE-2018-2575
- EPSS 0.89%
- Veröffentlicht 18.01.2018 02:29:18
- Zuletzt bearbeitet 21.11.2024 04:03:58
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with netwo...
CVE-2017-10282
- EPSS 1.75%
- Veröffentlicht 18.01.2018 02:29:16
- Zuletzt bearbeitet 21.11.2024 03:05:49
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privileg...
CVE-2017-10120
- EPSS 0.36%
- Veröffentlicht 08.08.2017 15:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege wit...
CVE-2016-9840
- EPSS 4.79%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9841
- EPSS 7.49%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9842
- EPSS 5.16%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9843
- EPSS 5.95%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-3240
- EPSS 0.39%
- Veröffentlicht 27.01.2017 22:59:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure...