Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1991 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2025-04-12 | 6.0 MEDIUM | 8.0 HIGH |
|
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.
|
|||||
| CVE-2014-2425 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2016-3479 | 1 Oracle | 1 Database | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
|
Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.
|
|||||
| CVE-2015-0439 | 3 Novell, Oracle, Suse | 5 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Mysql and 2 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.
|
|||||
| CVE-2016-2468 | 1 Google | 1 Android | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
|
The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454.
|
|||||
| CVE-2016-3548 | 1 Oracle | 1 Marketing | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Marketing activity collateral.
|
|||||
| CVE-2016-0409 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HCM Global Payroll Switzerland component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Security.
|
|||||
| CVE-2016-0457 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0456. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a den ...
Show More |
|||||
| CVE-2016-3524 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 5.5 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration.
|
|||||
| CVE-2015-0370 | 1 Oracle | 1 Database Server | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2013-5858.
|
|||||
| CVE-2016-0545 | 1 Oracle | 1 Customer Intelligence | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0551, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
|
|||||
| CVE-2015-4851 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, or c ...
Show More |
|||||
| CVE-2016-6174 | 2 Invisioncommunity, Php | 2 Invision Power Board, Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
|
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
|
|||||
| CVE-2016-2020 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 8.5 HIGH | 8.1 HIGH |
|
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
|
|||||
| CVE-2015-8051 | 1 Adobe | 1 Premiere Clip | 2025-04-12 | 10.0 HIGH | N/A |
|
The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors.
|
|||||
| CVE-2016-3428 | 1 Oracle | 1 Agile Engineering Data Management | 2025-04-12 | 1.8 LOW | 3.1 LOW |
|
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors related to Engineering Communication Interface.
|
|||||
| CVE-2015-0422 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.
|
|||||
| CVE-2015-4441 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086.
|
|||||
| CVE-2016-4007 | 1 Opensuse | 2 Leap, Opensuse | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."
|
|||||
| CVE-2014-6531 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
|
|||||
| CVE-2015-5370 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
|
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.
|
|||||
| CVE-2015-2600 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2014-1704 | 1 Google | 2 Chrome, V8 | 2025-04-12 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2014-6530 | 3 Mariadb, Oracle, Suse | 7 Mariadb, Mysql, Solaris and 4 more | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.
|
|||||
| CVE-2016-1420 | 1 Cisco | 2 Application Infrastructure Controller, Application Policy Infrastructure Controller Firmware | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
|
The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
|
|||||
| CVE-2016-5456 | 1 Oracle | 1 Siebel Core-server Framework | 2025-04-12 | 6.3 MEDIUM | 5.3 MEDIUM |
|
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Services.
|
|||||
| CVE-2016-0528 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0527, CVE-2016-0529, and CVE-2016-0530.
|
|||||
| CVE-2015-0395 | 6 Canonical, Debian, Novell and 3 more | 7 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Server and 4 more | 2025-04-12 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
|
|||||
| CVE-2016-3449 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 7.6 HIGH | 8.3 HIGH |
|
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
|
|||||
| CVE-2016-4787 | 2 Ivanti, Pulsesecure | 2 Connect Secure, Pulse Connect Secure | 2025-04-12 | 6.4 MEDIUM | 10.0 CRITICAL |
|
Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.
|
|||||
| CVE-2016-3510 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
|
|||||
| CVE-2015-4923 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors.
|
|||||
| CVE-2015-1212 | 7 Apple, Canonical, Google and 4 more | 11 Macos, Ubuntu Linux, Chrome and 8 more | 2025-04-12 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2016-0464 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.
|
|||||
| CVE-2015-4789 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE ...
Show More |
|||||
| CVE-2015-4786 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE ...
Show More |
|||||
| CVE-2016-4971 | 4 Canonical, Gnu, Oracle and 1 more | 4 Ubuntu Linux, Wget, Solaris and 1 more | 2025-04-12 | 4.3 MEDIUM | 8.8 HIGH |
|
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
|
|||||
| CVE-2016-5609 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
|
|||||
| CVE-2014-6499 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to WebLogic Tuxedo Connector.
|
|||||
| CVE-2015-2786 | 1 Mybb | 1 Mybb | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders."
|
|||||