How severe is CVE-2019-2909?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2019-2909?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2019-2909

MEDIUM Year: 2019

CVSS v3 Score

6.8

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. While the vulnerability is in Java VM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N).

CVE-2012-1695

MEDIUM

CVSS:6.8(Medium)

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, int...

NVD-CWE-Other2012

CVE-2015-8262

MEDIUM

CVSS:6.8(Medium)

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof re...

NVD-CWE-Other2015

CVE-2015-8816

MEDIUM

CVSS:6.8(Medium)

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a d...

NVD-CWE-Other2015

CVE-2016-1285

MEDIUM

CVSS:6.8(Medium)

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (...

NVD-CWE-Other2016

CVE-2016-5304

MEDIUM

CVSS:6.8(Medium)

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites ...

NVD-CWE-Other2016

CVE-2016-8318

MEDIUM

CVSS:6.8(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exp...

NVD-CWE-Other2016

CVE-2019-2909

Vulnerability Description

Related Vulnerabilities

CVE-2012-1695

CVE-2015-8262

CVE-2015-8816

CVE-2016-1285

CVE-2016-5304

CVE-2016-8318