Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4768 | 1 Ibm | 4 Flex System X3850 X6, Flex System X3950 X6, Flex System X880 X6 and 1 more | 2025-04-12 | 2.1 LOW | N/A |
|
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.
|
|||||
| CVE-2015-0385 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.
|
|||||
| CVE-2016-5837 | 1 Wordpress | 1 Wordpress | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.
|
|||||
| CVE-2015-2567 | 2 Novell, Oracle | 4 Suse Linux, Suse Linux For Vmware, Suse Linux Sdk and 1 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
|
|||||
| CVE-2016-3512 | 1 Oracle | 1 Customer Interaction History | 2025-04-12 | 7.8 HIGH | 8.2 HIGH |
|
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Function Security.
|
|||||
| CVE-2014-2604 | 1 Hp | 2 Icewall Mcrp, Icewall Sso | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2016-5583 | 1 Oracle | 1 One-to-one Fulfillment | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2015-4882 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
|
|||||
| CVE-2016-5336 | 1 Vmware | 1 Vrealize Automation | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
|
VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2015-4898 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via vectors related to Diagnostics and DMZ.
|
|||||
| CVE-2013-5704 | 5 Apache, Apple, Canonical and 2 more | 16 Http Server, Mac Os X, Mac Os X Server and 13 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
|
|||||
| CVE-2016-6351 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 7.2 HIGH | 6.7 MEDIUM |
|
The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.
|
|||||
| CVE-2014-8134 | 5 Canonical, Linux, Opensuse and 2 more | 6 Ubuntu Linux, Linux Kernel, Evergreen and 3 more | 2025-04-12 | 1.9 LOW | 3.3 LOW |
|
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
|
|||||
| CVE-2015-2109 | 1 Hp | 1 Operations Orchestration | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
|
|||||
| CVE-2016-1809 | 1 Apple | 1 Mac Os X | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
|
Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors.
|
|||||
| CVE-2015-0441 | 6 Canonical, Debian, Mariadb and 3 more | 13 Ubuntu Linux, Debian Linux, Mariadb and 10 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
|
|||||
| CVE-2015-2617 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.
|
|||||
| CVE-2015-1971 | 1 Ibm | 8 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 5 more | 2025-04-12 | 3.3 LOW | 4.3 MEDIUM |
|
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational D ...
Show More |
|||||
| CVE-2014-6541 | 1 Oracle | 1 Database Server | 2025-04-12 | 6.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Recovery component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality via vectors related to DBMS_IR.
|
|||||
| CVE-2016-3552 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.2 MEDIUM | 8.1 HIGH |
|
Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
|
|||||
| CVE-2016-0599 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
|||||
| CVE-2013-3975 | 1 Ibm | 1 Sametime | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.
|
|||||
| CVE-2014-8952 | 1 Checkpoint | 1 Security Gateway | 2025-04-12 | 7.1 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identify Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ("stability issue") via an unspecified "traffic condition."
|
|||||
| CVE-2016-2007 | 1 Hp | 1 Data Protector | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
|
|||||
| CVE-2014-2613 | 3 Hp, Linux, Microsoft | 3 Release Control, Linux Kernel, Windows | 2025-04-12 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors.
|
|||||
| CVE-2014-2505 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | 5.4 MEDIUM | N/A |
|
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
|
|||||
| CVE-2013-7358 | 1 Sap | 1 Guided Procedures Archive Monitor | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors.
|
|||||
| CVE-2016-3460 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Eperformance | 2025-04-12 | 5.5 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to ePerformance.
|
|||||
| CVE-2016-1188 | 1 Cybozu | 1 Garoon | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors.
|
|||||
| CVE-2014-1706 | 1 Google | 1 Chrome Os | 2025-04-12 | 7.5 HIGH | N/A |
|
crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via unspecified vectors.
|
|||||
| CVE-2014-6475 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52, 8.53, and 8.54 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2016-0402 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
|
|||||
| CVE-2014-2457 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Agile Product Lifecycle component in Oracle Supply Chain Products Suite 6.0 and 6.1.0 allows remote attackers to affect integrity via unknown vectors related to Install.
|
|||||
| CVE-2014-6502 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 2.6 LOW | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
|
|||||
| CVE-2015-4843 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
|
|||||
| CVE-2015-3038 | 7 Adobe, Apple, Linux and 4 more | 11 Flash Player, Mac Os X, Linux Kernel and 8 more | 2025-04-12 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
|
|||||
| CVE-2015-2647 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2025-04-12 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.
|
|||||
| CVE-2015-4729 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
|
|||||
| CVE-2015-4780 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE ...
Show More |
|||||
| CVE-2015-4820 | 1 Oracle | 1 Solaris | 2025-04-12 | 6.2 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4907.
|
|||||