Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0424 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM prior to 3.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to IPMI.
|
|||||
| CVE-2014-0098 | 3 Apache, Canonical, Oracle | 4 Http Server, Ubuntu Linux, Http Server and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
|
|||||
| CVE-2016-1766 | 1 Apple | 1 Iphone Os | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
|
|||||
| CVE-2016-3489 | 1 Oracle | 1 Database | 2025-04-12 | 7.2 HIGH | 6.7 MEDIUM |
|
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2013-6219 | 1 Hp | 2 Hp-ux, Hp-ux Whitelisting | 2025-04-12 | 3.8 LOW | N/A |
|
Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors.
|
|||||
| CVE-2014-6559 | 4 Juniper, Mariadb, Oracle and 1 more | 8 Junos Space, Mariadb, Mysql and 5 more | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
|
|||||
| CVE-2014-2398 | 5 Canonical, Debian, Ibm and 2 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
|
|||||
| CVE-2016-3447 | 1 Oracle | 1 Applications Framework | 2025-04-12 | 2.6 LOW | 6.9 MEDIUM |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to OAF Core.
|
|||||
| CVE-2014-2435 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
|
|||||
| CVE-2015-0319 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2025-04-12 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317.
|
|||||
| CVE-2014-2438 | 3 Mariadb, Oracle, Redhat | 8 Mariadb, Mysql, Enterprise Linux Desktop and 5 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
|
|||||
| CVE-2014-6507 | 3 Mariadb, Oracle, Suse | 7 Mariadb, Mysql, Solaris and 4 more | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
|
|||||
| CVE-2016-4964 | 1 Qemu | 1 Qemu | 2025-04-12 | 4.9 MEDIUM | 6.0 MEDIUM |
|
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
|
|||||
| CVE-2014-4233 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.
|
|||||
| CVE-2016-3492 | 3 Mariadb, Oracle, Redhat | 8 Mariadb, Mysql, Enterprise Linux Desktop and 5 more | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
|
|||||
| CVE-2016-0515 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0514.
|
|||||
| CVE-2016-0535 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC.
|
|||||
| CVE-2015-4850 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management.
|
|||||
| CVE-2015-4847 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to OCI.
|
|||||
| CVE-2016-0579 | 1 Oracle | 1 Customer Relationship Management Technical Foundation | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0582, CVE-2016-0583, and CVE-2016-0584.
|
|||||
| CVE-2015-2608 | 1 Oracle | 1 Communications Applications | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; (2) the Oracle Communications Performance Intelligence Center Software component in Oracle Communications Applications 9.0.3 and earlier and 10.1.5 and earlier; (3) the Oracle Communications Policy Management component in Oracle Communications Applications 9.9.0 and earlier, 10.5. ...
Show More |
|||||
| CVE-2014-3677 | 1 Redhat | 1 Shim | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
|
|||||
| CVE-2015-0417 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0388.
|
|||||
| CVE-2014-4283 | 1 Sun | 1 Sunos | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277.
|
|||||
| CVE-2014-2471 | 1 Oracle | 1 Ilearning | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.
|
|||||
| CVE-2015-4864 | 4 Canonical, Mariadb, Oracle and 1 more | 10 Ubuntu Linux, Mariadb, Mysql and 7 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
|
|||||
| CVE-2015-6717 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015- ...
Show More |
|||||
| CVE-2015-0505 | 6 Canonical, Debian, Mariadb and 3 more | 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
|
|||||
| CVE-2013-6939 | 1 Citrix | 1 Netscaler Application Delivery Controller Firmware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication."
|
|||||
| CVE-2015-6723 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-201 ...
Show More |
|||||
| CVE-2015-0314 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2025-04-12 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
|
|||||
| CVE-2016-0698 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 4.3 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-3423.
|
|||||
| CVE-2015-6720 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, ...
Show More |
|||||
| CVE-2014-4229 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, and 6.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Data, Domain, and Function Security.
|
|||||
| CVE-2015-4806 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
|
|||||
| CVE-2014-7897 | 1 Hp | 7 2d Value Wireless Scanner K3l28aa, Imaging Barcode Scanner Bw868aa, Linear Barcode Scanner Qy405aa and 4 more | 2025-04-12 | 10.0 HIGH | N/A |
|
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners.
|
|||||
| CVE-2015-0472 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2015-0487.
|
|||||
| CVE-2016-0555 | 1 Oracle | 1 Cadview-3d | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CADView-3D component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Studio.
|
|||||
| CVE-2013-3678 | 1 Sap | 1 Governance Risk And Compliance | 2025-04-12 | 9.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP-RFC request.
|
|||||
| CVE-2016-1620 | 1 Google | 1 Chrome | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
|
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||