NVD - Home

<strong>JSON Vulnerability Feeds 1.0 Released!</strong>

JSON Feed 1.0 Released

CPE Ranges

Multiple different visualizations displaying word, CWE, CVSS score distribution and more!

Vulnerability Visualizations

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2019-2414 — Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr... read CVE-2019-2414
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2019-2413 — Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network acces... read CVE-2019-2413
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 6.1 MEDIUM
V2: 5.8 MEDIUM
CVE-2019-2411 — Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows low... read CVE-2019-2411
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 7.6 HIGH
V2: 4.9 MEDIUM
CVE-2019-2410 — Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF Security). The supported version that is affected is 8.0... read CVE-2019-2410
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 5.1 MEDIUM
V2: 3.6 LOW
CVE-2019-2406 — Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role pri... read CVE-2019-2406
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 7.2 HIGH
V2: 6.5 MEDIUM
CVE-2019-2403 — Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp... read CVE-2019-2403
Published: January 16, 2019; 02:30:30 PM -05:00

V3: 6.5 MEDIUM
V2: 6.4 MEDIUM
CVE-2018-3305 — Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploita... read CVE-2018-3305
Published: January 16, 2019; 02:29:36 PM -05:00

V3: 6.3 MEDIUM
V2: 6.5 MEDIUM
CVE-2019-2402 — Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to co... read CVE-2019-2402
Published: January 16, 2019; 02:30:30 PM -05:00

V3: 7.7 HIGH
V2: 6.8 MEDIUM
CVE-2018-3304 — Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploita... read CVE-2018-3304
Published: January 16, 2019; 02:29:36 PM -05:00

V3: 6.5 MEDIUM
V2: 6.4 MEDIUM
CVE-2018-3303 — Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: EM Console). Supported versions that are affected are 13.2 and 13.3. Easily exploitable vulnerability allows unauthenticated at... read CVE-2018-3303
Published: January 16, 2019; 02:29:36 PM -05:00

V3: 6.5 MEDIUM
V2: 6.4 MEDIUM
CVE-2019-2399 — Vulnerability in the Oracle Communications Diameter Signaling Router (DSR) component of Oracle Communications Applications (subcomponent: Security). The supported version that is affected is prior to 8.3. Easily exploitable vulnerability allows unaut... read CVE-2019-2399
Published: January 16, 2019; 02:30:30 PM -05:00

V3: 6.5 MEDIUM
V2: 6.4 MEDIUM
CVE-2019-0647 — An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
Published: January 17, 2019; 01:29:00 PM -05:00

V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-2519 — Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated atta... read CVE-2019-2519
Published: January 16, 2019; 02:30:35 PM -05:00

V3: 6.1 MEDIUM
V2: 5.8 MEDIUM
CVE-2019-2493 — Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated attacke... read CVE-2019-2493
Published: January 16, 2019; 02:30:33 PM -05:00

V3: 3.1 LOW
V2: 2.6 LOW
CVE-2019-2441 — Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker wit... read CVE-2019-2441
Published: January 16, 2019; 02:30:32 PM -05:00

V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2019-2437 — Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to c... read CVE-2019-2437
Published: January 16, 2019; 02:30:32 PM -05:00

V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2018-3309 — Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is prior to 5.2.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru... read CVE-2018-3309
Published: January 16, 2019; 02:29:36 PM -05:00

V3: 8.2 HIGH
V2: 4.6 MEDIUM
CVE-2019-2512 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2, 17.7-17.12 and 18.8. Di... read CVE-2019-2512
Published: January 16, 2019; 02:30:35 PM -05:00

V3: 4.7 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-2487 — Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Supported versions that are affected are 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows l... read CVE-2019-2487
Published: January 16, 2019; 02:30:33 PM -05:00

V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-2432 — Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network acce... read CVE-2019-2432
Published: January 16, 2019; 02:30:31 PM -05:00

V3: 4.9 MEDIUM
V2: 4.9 MEDIUM

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database