CVE & Exploit Intelligence Database

Updated 2h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked 53,283 with exploits 4,731 exploited in wild 1,542 CISA KEV 3,930 Nuclei templates 37,826 vendors 42,577 researchers

110,849 results Clear all

CVE-2016-3489 6.7 MEDIUM EPSS 0.00

Oracle Database Server <12.1.0.2 - Info Disclosure

Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2016-3488 4.4 MEDIUM EPSS 0.00

Oracle Database Server 12.1.0.2 - Info Disclosure

Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.

CVE-2016-3486 6.5 MEDIUM EPSS 0.02

Oracle MySQL <5.6.31, <5.7.13 - DoS

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

CVE-2016-3480 4.4 MEDIUM EPSS 0.00

Oracle Sun Systems Products Suite <4.3 - Info Disclosure

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql.

CVE-2016-3478 6.1 MEDIUM EPSS 0.00

Oracle PeopleSoft Products <8.55 - Info Disclosure

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing.

CVE-2016-3476 6.5 MEDIUM EPSS 0.00

Oracle Siebel CRM 8.5.x - Info Disclosure

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console.

CVE-2016-3475 4.3 MEDIUM EPSS 0.00

Oracle Siebel CRM 8.5.x - Info Disclosure

Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console.

CVE-2016-3472 5.7 MEDIUM EPSS 0.00

Oracle Siebel CRM <8.3 - Info Disclosure

Unspecified vulnerability in the Siebel Engineering - Installer and Deployment component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Web Server.

CVE-2016-3467 5.8 MEDIUM EPSS 0.01

Oracle Database Server <5.0.4 - DoS

Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect availability via unknown vectors.

CVE-2016-3459 4.9 MEDIUM EPSS 0.01

Oracle MySQL <5.6.30, <5.7.12 - DoS

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.

CVE-2016-3458 4.3 MEDIUM EPSS 0.03

Oracle Java SE <8 - Integrity

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.

CVE-2016-3453 5.5 MEDIUM EPSS 0.00

Oracle Sun Solaris 10 - DoS

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to Kernel.

CVE-2016-3451 4.7 MEDIUM EPSS 0.00

Oracle Sun Systems Products Suite <3.2 - Info Disclosure

Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web.

CVE-2016-3448 6.1 MEDIUM EPSS 0.00

Oracle Database Server <5.0.4 - Info Disclosure

Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CVE-2016-3445 5.3 MEDIUM EPSS 0.01

Oracle WebLogic Server - DoS

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-5488.

CVE-2016-3433 5.4 MEDIUM EPSS 0.00

Oracle Business Intelligence Enterprise Edition - Confidentiality I...

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web Administration.

CVE-2016-3432 5.4 MEDIUM EPSS 0.00

Oracle Fusion Middleware <11.1.1.9.0 - Info Disclosure

Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Server.

CVE-2016-3424 4.9 MEDIUM EPSS 0.01

Oracle MySQL <5.7.12 - DoS

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

CVE-2016-5655 5.9 MEDIUM EPSS 0.00

Misys FusionCapital Opics Plus - Info Disclosure

Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.

CVE-2016-5653 6.5 MEDIUM EPSS 0.00

Misys FusionCapital Opics Plus - SQL Injection

Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.

CWE-89 Jul 19, 2016