Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6517 | 1 Oracle | 3 Jdk, Jre, Jrockit | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
|
|||||
| CVE-2013-5459 | 1 Ibm | 2 Rational Software Architect Design Manager, Rhapsody Design Manager | 2025-04-12 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking.
|
|||||
| CVE-2015-2111 | 2 Hp, Microsoft | 3 Intelligent Provisioning, Windows Server 2008, Windows Server 2012 | 2025-04-12 | 2.1 LOW | N/A |
|
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2016-0551 | 1 Oracle | 1 Customer Intelligence | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560.
|
|||||
| CVE-2014-2417 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2418.
|
|||||
| CVE-2015-0478 | 1 Oracle | 3 Jdk, Jre, Jrockit | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
|
|||||
| CVE-2016-5544 | 1 Oracle | 1 Solaris | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
|
|||||
| CVE-2014-8327 | 1 Fal Sftp Project | 1 Fal Sftp | 2025-04-12 | 4.0 MEDIUM | N/A |
|
The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2016-0532 | 1 Oracle | 1 Crm Technical Foundation | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security Assignments.
|
|||||
| CVE-2016-0602 | 1 Oracle | 1 Vm Virtualbox | 2025-04-12 | 6.2 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Installer. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the "application directory."
|
|||||
| CVE-2015-4727 | 1 Oracle | 1 Virtualization Sun Ray | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Oracle Virtualization Sun Ray Software before 5.4.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.
|
|||||
| CVE-2014-7910 | 1 Google | 1 Chrome | 2025-04-12 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2014-3439 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | 6.1 MEDIUM | N/A |
|
ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors.
|
|||||
| CVE-2015-4858 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
|
|||||
| CVE-2015-0888 | 1 Kent-web | 1 Clip Board | 2025-04-12 | 6.4 MEDIUM | N/A |
|
KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors.
|
|||||
| CVE-2015-0462 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2014-2460 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Management.
|
|||||
| CVE-2015-3276 | 3 Openldap, Oracle, Redhat | 9 Openldap, Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
|
|||||
| CVE-2015-1201 | 1 Privoxy | 1 Privoxy | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2014-0349 | 1 J2k-codec | 1 J2k-codec | 2025-04-12 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file.
|
|||||
| CVE-2014-6553 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console.
|
|||||
| CVE-2013-4846 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2013-6209 | 1 Hp | 1 Hp-ux | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2014-1997 | 1 Aten | 2 Cn8000, Cn8000 Firmware | 2025-04-12 | 7.8 HIGH | N/A |
|
The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier allows remote attackers to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2016-5458 | 1 Oracle | 1 Communications Eagle Application Processor | 2025-04-12 | 5.5 MEDIUM | 6.4 MEDIUM |
|
Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL.
|
|||||
| CVE-2014-6523 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to REST Interface.
|
|||||
| CVE-2015-4913 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
|
|||||
| CVE-2016-5387 | 8 Apache, Canonical, Debian and 5 more | 21 Http Server, Ubuntu Linux, Debian Linux and 18 more | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
|
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is no ...
Show More |
|||||
| CVE-2016-7440 | 4 Debian, Mariadb, Oracle and 1 more | 4 Debian Linux, Mariadb, Mysql and 1 more | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
|
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
|
|||||
| CVE-2014-4205 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework, a different vulnerability than CVE-2014-2491.
|
|||||
| CVE-2015-2657 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, and 6.3.0 through 6.3.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Business Process Automation.
|
|||||
| CVE-2014-0452 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.
|
|||||
| CVE-2015-2627 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 2.6 LOW | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
|
|||||
| CVE-2014-4298 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4299, CVE-2014-4300, CVE-2014-6452, CVE-2014-6454, and CVE-2014-6542.
|
|||||
| CVE-2014-6452 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, and CVE-2014-6542.
|
|||||
| CVE-2016-0544 | 1 Oracle | 1 Marketing | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Architecture.
|
|||||
| CVE-2015-0272 | 4 Canonical, Gnome, Oracle and 1 more | 9 Ubuntu Linux, Networkmanager, Linux and 6 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
|
|||||
| CVE-2015-2629 | 1 Oracle | 1 Database Server | 2025-04-12 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0457.
|
|||||
| CVE-2014-4254 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Web Services.
|
|||||
| CVE-2014-0426 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413.
|
|||||