Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6166 | 1 Ibm | 1 Websphere Application Server | 2017-09-08 | 4.3 MEDIUM | N/A |
| The Communications Enabled Applications (CEA) service in IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4, and Feature Pack for CEA 1.x before 1.0.0.15, allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2014-6167 | 1 Ibm | 1 Websphere Application Server | 2017-09-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the URL rewriting feature in IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6168 | 1 Ibm | 1 Security Identity Manager | 2017-09-08 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1 before 5.1.0.15 IF0056 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | |||||
| CVE-2014-6170 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2017-09-08 | 5.0 MEDIUM | N/A |
| The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault. | |||||
| CVE-2015-0323 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327. | |||||
| CVE-2015-0324 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-0325 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328. | |||||
| CVE-2015-0326 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328. | |||||
| CVE-2015-0327 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323. | |||||
| CVE-2015-0328 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326. | |||||
| CVE-2015-0329 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330. | |||||
| CVE-2015-0330 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-08 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329. | |||||
| CVE-2015-0362 | 1 Oracle | 1 Fusion Middleware | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to BI Publisher Security. | |||||
| CVE-2015-0363 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services. | |||||
| CVE-2015-0364 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services. | |||||
| CVE-2015-0365 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2015-0366 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a different vulnerability than CVE-2014-0369. | |||||
| CVE-2015-0367 | 1 Oracle | 1 Fusion Middleware | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine. | |||||
| CVE-2015-0368 | 1 Oracle | 1 Supply Chain Products Suite | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote attackers to affect availability via unknown vectors related to Security. | |||||
| CVE-2015-0369 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI. | |||||
| CVE-2015-0370 | 1 Oracle | 1 Database Server | 2017-09-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2013-5858. | |||||
| CVE-2015-0371 | 1 Oracle | 1 Database Server | 2017-09-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity and availability via unknown vectors. | |||||
| CVE-2015-0372 | 1 Oracle | 1 Fusion Middleware | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2015-0373 | 1 Oracle | 1 Database Server | 2017-09-08 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the OJVM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2015-0375 | 1 Sun | 1 Sunos | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network. | |||||
| CVE-2015-0378 | 1 Oracle | 1 Solaris | 2017-09-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc. | |||||
| CVE-2015-0379 | 1 Oracle | 1 Peoplesoft Products | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 allows remote attackers to affect integrity via vectors related to PIA Core Technology. | |||||
| CVE-2015-0380 | 1 Oracle | 1 E-business Suite | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Telecommunications Billing Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to OA Based UI for Bill Summary. | |||||
| CVE-2015-0384 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Siebel Public Sector component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to Public Sector Portal. | |||||
| CVE-2015-0385 | 1 Oracle | 1 Mysql | 2017-09-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth. | |||||
| CVE-2015-0387 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server OM Services component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via vectors related to Security - LDAP Security Adapter. | |||||
| CVE-2015-0388 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417. | |||||
| CVE-2015-0390 | 1 Oracle | 1 Retail Applications Xstore | 2017-09-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the MICROS Retail component in Oracle Retail Applications Xstore: 3.2.1, 3.4.2, 3.5.0, 4.0.1, 4.5.1, 4.8.0, 5.0.3, 5.5.3, 6.0.6, and 6.5.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Xstore Point of Sale. | |||||
| CVE-2015-0392 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Config - Scripting. | |||||
| CVE-2015-0393 | 1 Oracle | 1 E-business Suite | 2017-09-08 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a "seeded install," which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code. | |||||
| CVE-2015-0394 | 1 Oracle | 1 Peoplesoft Products | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality via unknown vectors related to Report Distribution. | |||||
| CVE-2015-0396 | 1 Oracle | 1 Fusion Middleware | 2017-09-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Admin Console. | |||||
| CVE-2015-0397 | 1 Sun | 1 Sunos | 2017-09-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600. | |||||
| CVE-2015-0398 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Clinical Trip Report. | |||||
| CVE-2015-0402 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Integration - COM. | |||||
| CVE-2015-0404 | 1 Oracle | 1 E-business Suite | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Error Messages. | |||||
| CVE-2015-0409 | 1 Oracle | 2 Communications Policy Management, Mysql | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2015-0415 | 1 Oracle | 1 E-business Suite | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Session Management. | |||||
| CVE-2015-0416 | 1 Oracle | 1 Supply Chain Products Suite | 2017-09-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Roles & Privileges. | |||||
| CVE-2015-0417 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0388. | |||||
| CVE-2015-0419 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2013-1510. | |||||
| CVE-2015-0422 | 1 Oracle | 1 Supply Chain Products Suite | 2017-09-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure. | |||||
| CVE-2015-0424 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2017-09-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM prior to 3.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to IPMI. | |||||
| CVE-2015-0425 | 1 Oracle | 1 Siebel Crm | 2017-09-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Enterprise Asset Management component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Siebel Core - Unix/Windows. | |||||
| CVE-2015-0428 | 1 Sun | 1 Sunos | 2017-09-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control. | |||||