Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4742 | 1 Apple | 1 Mac Os X | 2017-07-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app. | |||||
| CVE-2016-1433 | 1 Cisco | 1 Ios Xr | 2017-07-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers to cause a denial of service (OSPFv3 process reload) via crafted OSPFv3 packets, aka Bug ID CSCuz66289. | |||||
| CVE-2016-4722 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-07-30 | 7.1 HIGH | 5.9 MEDIUM |
| The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors. | |||||
| CVE-2016-4713 | 1 Apple | 1 Mac Os X | 2017-07-30 | 4.3 MEDIUM | 5.3 MEDIUM |
| CoreDisplay in Apple OS X before 10.12 allows attackers to view arbitrary users' screens by leveraging screen-sharing access. | |||||
| CVE-2016-4707 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-07-30 | 2.1 LOW | 4.0 MEDIUM |
| CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors. | |||||
| CVE-2016-4618 | 1 Apple | 2 Iphone Os, Safari | 2017-07-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." | |||||
| CVE-2016-0921 | 1 Emc | 1 Avamar Server | 2017-07-30 | 6.9 MEDIUM | 6.5 MEDIUM |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program. | |||||
| CVE-2016-4706 | 1 Apple | 1 Mac Os X | 2017-07-30 | 4.9 MEDIUM | 5.5 MEDIUM |
| cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-4661 | 1 Apple | 1 Mac Os X | 2017-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of service via a crafted app. | |||||
| CVE-2016-4663 | 1 Apple | 1 Mac Os X | 2017-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2016-5517 | 1 Oracle | 1 Applications Dba | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities. | |||||
| CVE-2016-1423 | 1 Cisco | 1 Email Security Appliance | 2017-07-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038 9.7.2-047. | |||||
| CVE-2016-4613 | 1 Apple | 4 Apple Tv, Icloud, Itunes and 1 more | 2017-07-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. | |||||
| CVE-2016-5606 | 1 Oracle | 1 Solaris | 2017-07-29 | 5.6 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones. | |||||
| CVE-2016-5559 | 1 Oracle | 1 Solaris | 2017-07-29 | 4.0 MEDIUM | 4.1 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. | |||||
| CVE-2016-4686 | 1 Apple | 1 Iphone Os | 2017-07-29 | 3.6 LOW | 4.4 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Contacts" component, which does not prevent an app's Address Book access after access revocation. | |||||
| CVE-2016-5538 | 1 Oracle | 1 Vm Virtualbox | 2017-07-29 | 7.2 HIGH | 6.7 MEDIUM |
| Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501. | |||||
| CVE-2016-5543 | 1 Oracle | 1 Flexcube Enterprise Limits And Collateral Management | 2017-07-29 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA. | |||||
| CVE-2016-8564 | 1 Siemens | 1 Automation License Manager | 2017-07-29 | 6.4 MEDIUM | 6.5 MEDIUM |
| SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410. | |||||
| CVE-2016-5516 | 1 Oracle | 1 Database Server | 2017-07-29 | 4.7 MEDIUM | 6.0 MEDIUM |
| Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. | |||||
| CVE-2016-5493 | 1 Oracle | 1 Flexcube Private Banking | 2017-07-29 | 4.9 MEDIUM | 4.2 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2016-5553 | 1 Oracle | 1 Solaris | 2017-07-29 | 4.7 MEDIUM | 5.0 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. | |||||
| CVE-2016-8295 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Time And Labor | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-8294 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-8292 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Talent Acquisition Manager | 2017-07-29 | 5.8 MEDIUM | 4.2 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Talent Acquisition Manager. | |||||
| CVE-2016-8290 | 1 Oracle | 1 Mysql | 2017-07-29 | 3.5 LOW | 4.4 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. | |||||
| CVE-2016-8289 | 1 Oracle | 1 Mysql | 2017-07-29 | 3.3 LOW | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. | |||||
| CVE-2016-8287 | 1 Oracle | 1 Mysql | 2017-07-29 | 3.5 LOW | 4.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. | |||||
| CVE-2016-8285 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Candidate Gateway | 2017-07-29 | 4.9 MEDIUM | 4.8 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote administrators to affect confidentiality and integrity via vectors related to Candidate Gateway. | |||||
| CVE-2016-5529 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2017-07-29 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability than CVE-2016-5530 and CVE-2016-8293. | |||||
| CVE-2016-5511 | 1 Oracle | 1 Webcenter Sites | 2017-07-29 | 4.3 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2016-5632 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-5328 | 2 Apple, Vmware | 2 Mac Os X, Tools | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
| CVE-2016-5329 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
| CVE-2016-5479 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA. | |||||
| CVE-2016-5502 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-29 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA. | |||||
| CVE-2016-5635 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. | |||||
| CVE-2016-5487 | 1 Oracle | 1 Solaris | 2017-07-29 | 4.6 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-3495 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 6.8 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||||
| CVE-2016-5634 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. | |||||
| CVE-2016-5633 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290. | |||||
| CVE-2016-5604 | 1 Oracle | 1 Enterprise Manager Base Platform | 2017-07-29 | 3.3 LOW | 6.3 MEDIUM |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563. | |||||
| CVE-2016-5603 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5621. | |||||
| CVE-2016-5602 | 1 Oracle | 1 Data Integrator | 2017-07-29 | 3.5 LOW | 5.7 MEDIUM |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine. | |||||
| CVE-2016-5600 | 1 Oracle | 1 Peoplesoft Enterprise Supply Chain Management Services Procurement | 2017-07-29 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2016-5596 | 1 Oracle | 1 Customer Relationship Management Technical Foundation | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-5594 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-29 | 4.0 MEDIUM | 5.0 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA. | |||||
| CVE-2016-5530 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2017-07-29 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability than CVE-2016-5529 and CVE-2016-8293. | |||||
| CVE-2016-5581 | 1 Oracle | 1 Irecruitment | 2017-07-29 | 4.6 MEDIUM | 6.6 MEDIUM |
| Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-5585 | 1 Oracle | 1 Interaction Center Intelligence | 2017-07-29 | 6.4 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||