Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0407 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Human Resources | 2016-12-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration. | |||||
| CVE-2016-0659 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer. | |||||
| CVE-2016-0663 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema. | |||||
| CVE-2016-0658 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer. | |||||
| CVE-2016-0657 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON. | |||||
| CVE-2016-0656 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654. | |||||
| CVE-2016-0654 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656. | |||||
| CVE-2016-0653 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS. | |||||
| CVE-2016-0652 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML. | |||||
| CVE-2016-0623 | 1 Oracle | 1 Solaris | 2016-12-03 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component. | |||||
| CVE-2016-0662 | 1 Oracle | 1 Mysql | 2016-12-03 | 3.5 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition. | |||||
| CVE-2016-0479 | 1 Oracle | 1 Business Intelligence | 2016-12-03 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard. | |||||
| CVE-2016-0469 | 1 Oracle | 1 Micros C2 | 2016-12-03 | 4.6 MEDIUM | 5.5 MEDIUM |
| Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS. | |||||
| CVE-2016-0468 | 1 Oracle | 1 Business Intelligence | 2016-12-03 | 3.5 LOW | 5.4 MEDIUM |
| Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General. | |||||
| CVE-2016-0408 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2016-12-03 | 4.3 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component. | |||||
| CVE-2015-5370 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2016-12-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors. | |||||
| CVE-2015-2786 | 1 Mybb | 1 Mybb | 2016-12-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders." | |||||
| CVE-2015-2773 | 1 Websense | 1 V-series Appliances | 2016-12-03 | 5.0 MEDIUM | N/A |
| SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-2763 | 1 Websense | 1 Triton Ap Email | 2016-12-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to port 17703. | |||||
| CVE-2015-2767 | 1 Websense | 1 Triton Ap Email | 2016-12-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled." | |||||
| CVE-2015-2772 | 1 Websense | 1 V-series Appliances | 2016-12-03 | 7.5 HIGH | N/A |
| SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors. | |||||
| CVE-2015-2352 | 1 Mybb | 1 Mybb | 2016-12-03 | 7.5 HIGH | N/A |
| The cache handler in MyBB (aka MyBulletinBoard) before 1.8.4 does not properly check the encoding of input to the var_export function, which allows attackers to have an unspecified impact via unknown vectors. | |||||
| CVE-2015-2579 | 1 Oracle | 1 Health Sciences Applications | 2016-12-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer. | |||||
| CVE-2015-2116 | 1 Hp | 1 Storage Data Protector | 2016-12-03 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors. | |||||
| CVE-2015-2115 | 1 Hp | 1 Capture And Route Software | 2016-12-03 | 2.7 LOW | N/A |
| Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-2124 | 1 Hp | 2 Smart Zero Core, Thinpro Linux | 2016-12-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors. | |||||
| CVE-2015-2123 | 1 Hp | 1 Nonstop Safeguard Security | 2016-12-03 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. | |||||
| CVE-2015-1152 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-03 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. | |||||
| CVE-2015-1153 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-03 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. | |||||
| CVE-2016-1851 | 1 Apple | 1 Mac Os X | 2016-12-02 | 2.1 LOW | 4.6 MEDIUM |
| The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors. | |||||
| CVE-2016-1809 | 1 Apple | 1 Mac Os X | 2016-12-01 | 7.8 HIGH | 7.5 HIGH |
| Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors. | |||||
| CVE-2016-5832 | 1 Wordpress | 1 Wordpress | 2016-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors. | |||||
| CVE-2016-5837 | 1 Wordpress | 1 Wordpress | 2016-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors. | |||||
| CVE-2016-2297 | 1 Meteocontrol | 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more | 2016-11-30 | 9.7 HIGH | 9.4 CRITICAL |
| Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature." | |||||
| CVE-2015-2111 | 2 Hp, Microsoft | 3 Intelligent Provisioning, Windows Server 2008, Windows Server 2012 | 2016-11-30 | 2.1 LOW | N/A |
| Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-2109 | 1 Hp | 1 Operations Orchestration | 2016-11-30 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors. | |||||
| CVE-2015-2106 | 1 Hp | 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2016-11-30 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. | |||||
| CVE-2015-1945 | 1 Ibm | 1 Infosphere Master Data Management Server | 2016-11-30 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2015-1829 | 1 Oracle | 1 Fusion Middleware | 2016-11-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener. | |||||
| CVE-2016-6139 | 1 Sap | 1 Trex | 2016-11-28 | 7.6 HIGH | 9.8 CRITICAL |
| SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591. | |||||
| CVE-2016-5992 | 1 Ibm | 1 Sterling Connect\ | 2016-11-28 | 1.9 LOW | 2.5 LOW |
| IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-6151 | 1 Ca | 1 Ehealth | 2016-11-28 | 9.0 HIGH | 8.8 HIGH |
| CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. | |||||
| CVE-2016-5839 | 1 Wordpress | 1 Wordpress | 2016-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors. | |||||
| CVE-2016-5563 | 1 Oracle | 1 Hospitality Opera 5 Property Services | 2016-11-28 | 6.0 MEDIUM | 7.9 HIGH |
| Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators to affect confidentiality, integrity, and availability via vectors related to OPERA. | |||||
| CVE-2016-5564 | 1 Oracle | 1 Hospitality Opera 5 Property Services | 2016-11-28 | 6.5 MEDIUM | 7.4 HIGH |
| Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to OPERA. | |||||
| CVE-2016-5515 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2016-11-28 | 6.5 MEDIUM | 8.8 HIGH |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet. | |||||
| CVE-2016-5503 | 1 Oracle | 1 Sun Zfs Storage Appliance Kit | 2016-11-28 | 4.6 MEDIUM | 8.2 HIGH |
| Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality, integrity, and availability via vectors related to Core Services. | |||||
| CVE-2016-5514 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2016-11-28 | 6.5 MEDIUM | 8.8 HIGH |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet. | |||||
| CVE-2016-5539 | 1 Oracle | 1 Micros Xstore Payment | 2016-11-28 | 4.6 MEDIUM | 7.3 HIGH |
| Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-5523 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2016-11-28 | 6.5 MEDIUM | 8.8 HIGH |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AutoVue Java Applet. | |||||