Security Vulnerabilities - CVEs Published In July 2016
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-07-21
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning.
CVSS Score
6.5
EPSS Score
0.01
Published
2016-07-21
Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Security Models.
CVSS Score
9.8
EPSS Score
0.036
Published
2016-07-21
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless Framework. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue is a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
8.2
EPSS Score
0.005
Published
2016-07-21
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows remote authenticated users to affect confidentiality via vectors related to Database.
CVSS Score
3.0
EPSS Score
0.003
Published
2016-07-21
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVSS Score
6.7
EPSS Score
0.001
Published
2016-07-21
Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-07-21
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVSS Score
8.1
EPSS Score
0.049
Published
2016-07-21
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.
CVSS Score
6.5
EPSS Score
0.053
Published
2016-07-21
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
CVSS Score
2.9
EPSS Score
0.001
Published
2016-07-21