Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-0331 1 Ibm 2 Rational Collaborative Lifecycle Management, Rational Team Concert 2017-07-30 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-6416 1 Cisco 3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance 2017-07-30 4.3 MEDIUM 5.9 MEDIUM
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
CVE-2016-6423 1 Cisco 1 Ios 2017-07-30 6.3 MEDIUM 6.5 MEDIUM
The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.
CVE-2016-6425 1 Cisco 2 Unified Contact Center Express, Unified Intelligence Center 2017-07-30 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652.
CVE-2016-4618 1 Apple 2 Iphone Os, Safari 2017-07-30 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
CVE-2016-0921 1 Emc 1 Avamar Server 2017-07-30 6.9 MEDIUM 6.5 MEDIUM
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.
CVE-2016-0905 1 Emc 1 Avamar Server 2017-07-30 7.2 HIGH 6.7 MEDIUM
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
CVE-2015-7363 1 Fortinet 4 Fortianalyzer, Fortianalyzer Firmware, Fortimanager and 1 more 2017-07-30 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters.
CVE-2016-5631 2 Mariadb, Oracle 2 Mariadb, Mysql 2017-07-29 4.0 MEDIUM 4.9 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.
CVE-2016-5628 2 Mariadb, Oracle 2 Mariadb, Mysql 2017-07-29 4.0 MEDIUM 4.9 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.
CVE-2016-8295 1 Oracle 1 Peoplesoft Enterprise Human Capital Management Time And Labor 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2016-5493 1 Oracle 1 Flexcube Private Banking 2017-07-29 4.9 MEDIUM 4.2 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2016-5538 1 Oracle 1 Vm Virtualbox 2017-07-29 7.2 HIGH 6.7 MEDIUM
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501.
CVE-2016-5543 1 Oracle 1 Flexcube Enterprise Limits And Collateral Management 2017-07-29 5.8 MEDIUM 6.1 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA.
CVE-2016-5604 1 Oracle 1 Enterprise Manager Base Platform 2017-07-29 3.3 LOW 6.3 MEDIUM
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563.
CVE-2016-5517 1 Oracle 1 Applications Dba 2017-07-29 2.1 LOW 5.5 MEDIUM
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities.
CVE-2016-5516 1 Oracle 1 Database Server 2017-07-29 4.7 MEDIUM 6.0 MEDIUM
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.
CVE-2016-5596 1 Oracle 1 Customer Relationship Management Technical Foundation 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2016-5505 1 Oracle 1 Database Server 2017-07-29 2.1 LOW 5.5 MEDIUM
Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
CVE-2016-5603 1 Oracle 1 Flexcube Universal Banking 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5621.
CVE-2016-8287 1 Oracle 1 Mysql 2017-07-29 3.5 LOW 4.5 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
CVE-2016-3014 1 Ibm 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more 2017-07-29 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-5622 1 Oracle 1 Flexcube Universal Banking 2017-07-29 7.8 HIGH 6.1 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA.
CVE-2016-8285 1 Oracle 1 Peoplesoft Enterprise Human Capital Management Candidate Gateway 2017-07-29 4.9 MEDIUM 4.8 MEDIUM
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote administrators to affect confidentiality and integrity via vectors related to Candidate Gateway.
CVE-2016-6451 1 Cisco 1 Prime Collaboration Provisioning 2017-07-29 4.3 MEDIUM 6.1 MEDIUM
Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CSCut43061 CSCut43066 CSCut43736 CSCut43738 CSCut43741 CSCut43745 CSCut43748 CSCut43751 CSCut43756 CSCut43759 CSCut43764 CSCut43766. Known Affected Releases: 10.6.
CVE-2016-5328 2 Apple, Vmware 2 Mac Os X, Tools 2017-07-29 2.1 LOW 5.5 MEDIUM
VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.
CVE-2016-5329 2 Apple, Vmware 2 Mac Os X, Fusion 2017-07-29 2.1 LOW 5.5 MEDIUM
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.
CVE-2016-5621 1 Oracle 1 Flexcube Universal Banking 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603.
CVE-2016-5594 1 Oracle 1 Flexcube Universal Banking 2017-07-29 4.0 MEDIUM 5.0 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
CVE-2016-5620 1 Oracle 1 Flexcube Universal Banking 2017-07-29 5.5 MEDIUM 5.4 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA, a different vulnerability than CVE-2016-5619.
CVE-2016-5479 1 Oracle 1 Flexcube Universal Banking 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
CVE-2016-5502 1 Oracle 1 Flexcube Universal Banking 2017-07-29 5.5 MEDIUM 5.4 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA.
CVE-2016-5575 1 Oracle 1 Common Applications 2017-07-29 5.0 MEDIUM 5.3 MEDIUM
Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Resources Module.
CVE-2016-5572 1 Oracle 1 Database 2017-07-29 4.4 MEDIUM 6.4 MEDIUM
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-5571 1 Oracle 1 Applications Dba 2017-07-29 5.5 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5567.
CVE-2016-5570 1 Oracle 1 Applications Dba 2017-07-29 5.5 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities.
CVE-2016-4686 1 Apple 1 Iphone Os 2017-07-29 3.6 LOW 4.4 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Contacts" component, which does not prevent an app's Address Book access after access revocation.
CVE-2016-5569 1 Oracle 1 Flexcube Enterprise Limits And Collateral Management 2017-07-29 5.5 MEDIUM 5.4 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2016-5600 1 Oracle 1 Peoplesoft Enterprise Supply Chain Management Services Procurement 2017-07-29 5.5 MEDIUM 5.4 MEDIUM
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2016-5567 1 Oracle 1 Applications Dba 2017-07-29 5.5 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5571.
CVE-2016-5602 1 Oracle 1 Data Integrator 2017-07-29 3.5 LOW 5.7 MEDIUM
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
CVE-2016-6438 1 Cisco 1 Ios Xe 2017-07-29 4.3 MEDIUM 5.9 MEDIUM
A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1).
CVE-2016-1423 1 Cisco 1 Email Security Appliance 2017-07-29 4.3 MEDIUM 6.1 MEDIUM
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038 9.7.2-047.
CVE-2016-5566 1 Oracle 1 Solaris 2017-07-29 5.0 MEDIUM 5.3 MEDIUM
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2016-8294 1 Oracle 1 Peoplesoft Enterprise Peopletools 2017-07-29 4.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2016-6437 1 Cisco 1 Wide Area Application Services 2017-07-29 7.1 HIGH 5.9 MEDIUM
A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).
CVE-2016-5553 1 Oracle 1 Solaris 2017-07-29 4.7 MEDIUM 5.0 MEDIUM
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors.
CVE-2016-4663 1 Apple 1 Mac Os X 2017-07-29 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4661 1 Apple 1 Mac Os X 2017-07-29 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of service via a crafted app.
CVE-2016-5532 1 Oracle 1 Shipping Execution 2017-07-29 5.0 MEDIUM 5.3 MEDIUM
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events.