Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0495 | 2 Debian, Oracle | 2 Debian Linux, Vm Virtualbox | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core.
|
|||||
| CVE-2016-1704 | 5 Canonical, Google, Novell and 2 more | 8 Ubuntu Linux, Chrome, Suse Package Hub For Suse Linux Enterprise and 5 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
|
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2015-4804 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Management component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2015-5406 | 1 Hp | 6 Centralview Credit Risk Control, Centralview Dealer Performance Audit, Centralview Fraud Risk Management and 3 more | 2025-04-12 | 9.0 HIGH | N/A |
|
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5407 and CVE-2015-5408.
|
|||||
| CVE-2016-5519 | 1 Oracle | 1 Glassfish Server | 2025-04-12 | 6.5 MEDIUM | 8.8 HIGH |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.
|
|||||
| CVE-2014-3086 | 1 Ibm | 3 Lotus Domino, Lotus Notes, Websphere Real Time | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager.
|
|||||
| CVE-2015-7070 | 1 Apple | 1 Iphone Os | 2025-04-12 | 9.3 HIGH | N/A |
|
Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7069.
|
|||||
| CVE-2014-4265 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment.
|
|||||
| CVE-2016-0404 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.
|
|||||
| CVE-2014-2450 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
|||||
| CVE-2016-0485 | 1 Oracle | 1 Application Testing Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480, CVE-2016-0481, CVE-2016-0482, and CVE-2016-0486. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability ...
Show More |
|||||
| CVE-2014-3175 | 1 Google | 1 Chrome | 2025-04-12 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components.
|
|||||
| CVE-2016-3324 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
|
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
|||||
| CVE-2016-3436 | 1 Oracle | 1 Common Applications Calendar | 2025-04-12 | 4.3 MEDIUM | 8.2 HIGH |
|
Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Tasks.
|
|||||
| CVE-2016-3513 | 1 Oracle | 1 Communications Operations Monitor | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure.
|
|||||
| CVE-2016-1285 | 7 Canonical, Debian, Fedoraproject and 4 more | 47 Ubuntu Linux, Debian Linux, Fedora and 44 more | 2025-04-12 | 4.3 MEDIUM | 6.8 MEDIUM |
|
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
|
|||||
| CVE-2014-6557 | 1 Oracle | 1 Enterprise Manager Grid Control | 2025-04-12 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Application Performance Management component in Oracle Enterprise Manager Grid Control before 12.1.0.6.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to End User Experience Management.
|
|||||
| CVE-2014-6519 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
|
|||||
| CVE-2015-4811 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 1.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDKutside In PDF Export SDK, a different vulnerability than CVE-2015-4809.
|
|||||
| CVE-2016-0514 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0515.
|
|||||
| CVE-2014-2440 | 3 Mariadb, Oracle, Redhat | 9 Mariadb, Mysql, Solaris and 6 more | 2025-04-12 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2013-7457 | 1 Google | 1 Android | 2025-04-12 | 10.0 HIGH | 7.8 HIGH |
|
Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application.
|
|||||
| CVE-2015-5200 | 2 Canonical, Libvdpau Project | 2 Ubuntu Linux, Libvdpau | 2025-04-12 | 6.3 MEDIUM | N/A |
|
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.
|
|||||
| CVE-2016-2141 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Jgroups | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
|
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
|
|||||
| CVE-2015-0432 | 7 Canonical, Debian, Fedoraproject and 4 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
|
|||||
| CVE-2015-6709 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, ...
Show More |
|||||
| CVE-2015-4784 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE ...
Show More |
|||||
| CVE-2016-0662 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | 5.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.
|
|||||
| CVE-2016-1100 | 2 Adobe, Microsoft | 3 Flash Player, Edge, Internet Explorer | 2025-04-12 | 7.6 HIGH | 7.5 HIGH |
|
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
|
|||||
| CVE-2014-2648 | 2 Hp, Opengroup | 2 Operations Manager, Unix | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2016-7157 | 1 Qemu | 1 Qemu | 2025-04-12 | 2.1 LOW | 4.4 MEDIUM |
|
The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_PACK.
|
|||||
| CVE-2014-3426 | 1 Illinois | 1 Ncsa Mosaic | 2025-04-12 | 2.1 LOW | N/A |
|
NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of service ("remote control" outage) by creating a /tmp/Mosaic.pid file for every possible PID.
|
|||||
| CVE-2014-6236 | 1 Lumonet Php Include Project | 1 Lumonet Php Include | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links.
|
|||||
| CVE-2014-1685 | 2 Fedoraproject, Zabbix | 2 Fedora, Zabbix | 2025-04-12 | 5.5 MEDIUM | N/A |
|
The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.
|
|||||
| CVE-2015-0302 | 4 Adobe, Apple, Linux and 1 more | 7 Adobe Air, Adobe Air Sdk, Adobe Air Sdk And Compiler and 4 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.
|
|||||
| CVE-2016-0669 | 1 Oracle | 1 Solaris | 2025-04-12 | 5.2 MEDIUM | 6.0 MEDIUM |
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.
|
|||||
| CVE-2016-2021 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 7.7 HIGH | 8.1 HIGH |
|
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-2016-2030.
|
|||||
| CVE-2016-0682 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | 7.8 HIGH |
|
Unspecified vulnerability in the DataStore component in Oracle Berkeley DB 11.2.5.0.32, 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, 12.1.6.0.35, and 12.1.6.1.26 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0689, CVE-2016-0692, CVE-2016-0694, and CVE-2016-3418.
|
|||||
| CVE-2016-3467 | 1 Oracle | 1 Application Express | 2025-04-12 | 5.0 MEDIUM | 5.8 MEDIUM |
|
Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect availability via unknown vectors.
|
|||||
| CVE-2014-2409 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
|
|||||