Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0447 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via vectors related to Configurator DMZ rules.
|
|||||
| CVE-2014-2428 | 3 Ibm, Microsoft, Oracle | 4 Forms Viewer, Windows, Jdk and 1 more | 2025-04-12 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2014-7892 | 1 Hp | 8 Integrated Single Head Msr W\/o Sred J1a33aa, Integrated Single Head W\/o Msr Sred J1a34aa, Mini Msr Fk186aa and 5 more | 2025-04-12 | 10.0 HIGH | N/A |
|
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.
|
|||||
| CVE-2016-1286 | 7 Canonical, Debian, Fedoraproject and 4 more | 47 Ubuntu Linux, Debian Linux, Fedora and 44 more | 2025-04-12 | 5.0 MEDIUM | 8.6 HIGH |
|
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
|
|||||
| CVE-2014-5203 | 1 Wordpress | 1 Wordpress | 2025-04-12 | 7.5 HIGH | N/A |
|
wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.
|
|||||
| CVE-2015-4904 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
|
|||||
| CVE-2016-0453 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 1.8 LOW | N/A |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.
|
|||||
| CVE-2016-6346 | 1 Redhat | 1 Resteasy | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2015-4842 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
|
|||||
| CVE-2015-4891 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.
|
|||||
| CVE-2016-3458 | 1 Oracle | 3 Jdk, Jre, Linux | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
|
|||||
| CVE-2015-4742 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.
|
|||||
| CVE-2014-6472 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6539.
|
|||||
| CVE-2016-3584 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.4 MEDIUM | 7.0 HIGH |
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc.
|
|||||
| CVE-2015-4772 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
|
|||||
| CVE-2015-0368 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote attackers to affect availability via unknown vectors related to Security.
|
|||||
| CVE-2014-4297 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4310, CVE-2014-6547, and CVE-2014-6477.
|
|||||
| CVE-2016-0476 | 1 Oracle | 1 Enterprise Manager Grid Control | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0477 and CVE-2016-0478. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet ...
Show More |
|||||
| CVE-2014-8530 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information, affect integrity, or cause a denial of service via unknown vectors, related to simultaneous logins.
|
|||||
| CVE-2015-1419 | 2 Opensuse, Vsftpd Project | 2 Opensuse, Vsftpd | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
|
|||||
| CVE-2014-0432 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0455 and CVE-2014-2402.
|
|||||
| CVE-2015-2589 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone.
|
|||||
| CVE-2014-2517 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
|
|||||
| CVE-2014-2484 | 2 Oracle, Suse | 3 Mysql, Linux Enterprise Desktop, Linux Enterprise Server | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.
|
|||||
| CVE-2016-2019 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 7.7 HIGH | 8.1 HIGH |
|
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
|
|||||
| CVE-2015-4748 | 1 Oracle | 3 Jdk, Jre, Jrockit | 2025-04-12 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
|
|||||
| CVE-2016-0411 | 1 Oracle | 1 Enterprise Manager Grid Control | 2025-04-12 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1 and 11.2.0.4 allows local users to affect confidentiality, integrity, and availability via vectors related to Agent Next Gen.
|
|||||
| CVE-2016-5625 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.4 MEDIUM | 7.0 HIGH |
|
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.
|
|||||
| CVE-2015-2596 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
|
|||||
| CVE-2014-2063 | 1 Jenkins | 1 Jenkins | 2025-04-12 | 7.5 HIGH | N/A |
|
Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
|||||
| CVE-2016-4144 | 8 Adobe, Apple, Google and 5 more | 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
|
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
|
|||||
| CVE-2016-0361 | 1 Ibm | 1 General Parallel File System | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.
|
|||||
| CVE-2016-5790 | 1 Enghousenetworks | 1 Lighthouse Sms | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors.
|
|||||
| CVE-2016-5490 | 1 Oracle | 1 Flexcube Universal Banking | 2025-04-12 | 2.1 LOW | 3.3 LOW |
|
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.
|
|||||
| CVE-2016-4277 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
|
|||||
| CVE-2015-4813 | 2 Debian, Oracle | 2 Debian Linux, Vm Virtualbox | 2025-04-12 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core.
|
|||||
| CVE-2015-4845 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via vectors related to Java APIs - AOL/J. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to enumerate database users via a series of requests to Aoljtest.js.
|
|||||
| CVE-2016-0478 | 1 Oracle | 1 Application Testing Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0476 and CVE-2016-0477. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet ...
Show More |
|||||
| CVE-2014-4226 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise FIN Install component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2014-0568 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2025-04-12 | 10.0 HIGH | N/A |
|
The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.
|
|||||