National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

<strong>JSON Vulnerability Feeds 1.0 Released!</strong>
JSON Feed 1.0 Released
Vulnerable Product Configurations Improved!
CPE Ranges
Multiple different visualizations displaying word, CWE, CVSS score distribution and more!
Vulnerability Visualizations


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
 
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2019-2414 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr... read CVE-2019-2414
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 7.8 HIGH
     V2: 4.6 MEDIUM

  • CVE-2019-2413 Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network acces... read CVE-2019-2413
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 6.1 MEDIUM
     V2: 5.8 MEDIUM

  • CVE-2019-2411 Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows low... read CVE-2019-2411
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 7.6 HIGH
     V2: 4.9 MEDIUM

  • CVE-2019-2410 Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF Security). The supported version that is affected is 8.0... read CVE-2019-2410
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 5.1 MEDIUM
     V2: 3.6 LOW

  • CVE-2019-2406 Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role pri... read CVE-2019-2406
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 7.2 HIGH
     V2: 6.5 MEDIUM

  • CVE-2019-2403 Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp... read CVE-2019-2403
    Published: January 16, 2019; 02:30:30 PM -05:00

    V3: 6.5 MEDIUM
     V2: 6.4 MEDIUM

  • CVE-2018-3305 Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploita... read CVE-2018-3305
    Published: January 16, 2019; 02:29:36 PM -05:00

    V3: 6.3 MEDIUM
     V2: 6.5 MEDIUM

  • CVE-2019-2402 Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to co... read CVE-2019-2402
    Published: January 16, 2019; 02:30:30 PM -05:00

    V3: 7.7 HIGH
     V2: 6.8 MEDIUM

  • CVE-2018-3304 Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploita... read CVE-2018-3304
    Published: January 16, 2019; 02:29:36 PM -05:00

    V3: 6.5 MEDIUM
     V2: 6.4 MEDIUM

  • CVE-2018-3303 Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: EM Console). Supported versions that are affected are 13.2 and 13.3. Easily exploitable vulnerability allows unauthenticated at... read CVE-2018-3303
    Published: January 16, 2019; 02:29:36 PM -05:00

    V3: 6.5 MEDIUM
     V2: 6.4 MEDIUM

  • CVE-2019-2399 Vulnerability in the Oracle Communications Diameter Signaling Router (DSR) component of Oracle Communications Applications (subcomponent: Security). The supported version that is affected is prior to 8.3. Easily exploitable vulnerability allows unaut... read CVE-2019-2399
    Published: January 16, 2019; 02:30:30 PM -05:00

    V3: 6.5 MEDIUM
     V2: 6.4 MEDIUM

  • CVE-2019-2519 Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated atta... read CVE-2019-2519
    Published: January 16, 2019; 02:30:35 PM -05:00

    V3: 6.1 MEDIUM
     V2: 5.8 MEDIUM

  • CVE-2019-2493 Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated attacke... read CVE-2019-2493
    Published: January 16, 2019; 02:30:33 PM -05:00

    V3: 3.1 LOW
     V2: 2.6 LOW

  • CVE-2019-2441 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker wit... read CVE-2019-2441
    Published: January 16, 2019; 02:30:32 PM -05:00

    V3: 5.3 MEDIUM
     V2: 5.0 MEDIUM

  • CVE-2019-2437 Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to c... read CVE-2019-2437
    Published: January 16, 2019; 02:30:32 PM -05:00

    V3: 7.5 HIGH
     V2: 7.8 HIGH

  • CVE-2018-3309 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is prior to 5.2.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru... read CVE-2018-3309
    Published: January 16, 2019; 02:29:36 PM -05:00

    V3: 8.2 HIGH
     V2: 4.6 MEDIUM

  • CVE-2019-2512 Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2, 17.7-17.12 and 18.8. Di... read CVE-2019-2512
    Published: January 16, 2019; 02:30:35 PM -05:00

    V3: 4.7 MEDIUM
     V2: 4.0 MEDIUM

  • CVE-2019-2487 Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Supported versions that are affected are 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows l... read CVE-2019-2487
    Published: January 16, 2019; 02:30:33 PM -05:00

    V3: 6.5 MEDIUM
     V2: 4.0 MEDIUM

  • CVE-2019-2432 Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network acce... read CVE-2019-2432
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 4.9 MEDIUM
     V2: 4.9 MEDIUM

  • CVE-2019-2431 Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Console). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows unauthenticated attacker with network a... read CVE-2019-2431
    Published: January 16, 2019; 02:30:31 PM -05:00

    V3: 6.1 MEDIUM
     V2: 4.3 MEDIUM