Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3336 | 1 Adobe | 1 Coldfusion | 2013-11-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2013-6345 | 1 Novell | 1 Zenworks Configuration Management | 2013-11-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception." | |||||
| CVE-2013-6288 | 2 Ingo Renner, Typo3 | 2 Apache Solr, Typo3 | 2013-11-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | |||||
| CVE-2013-5836 | 1 Oracle | 1 Peoplesoft Products | 2013-11-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Business Interlink. | |||||
| CVE-2013-5837 | 1 Oracle | 1 Industry Applications | 2013-11-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.0.3, and 5.0.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Cognos. | |||||
| CVE-2013-5835 | 1 Oracle | 1 Siebel Crm | 2013-11-03 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Open_UI. | |||||
| CVE-2013-6244 | 1 Sap | 1 Netweaver | 2013-10-31 | 5.0 MEDIUM | N/A |
| The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2013-5857 | 1 Oracle | 1 Industry Applications | 2013-10-31 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.5 SP3, 4.5 SP3a-k, 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, and 5.0 SP1a-b allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web. | |||||
| CVE-2013-5867 | 1 Oracle | 1 Siebel Crm | 2013-10-31 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via vectors related to SISNAPI & Network Infrastructure. | |||||
| CVE-2013-5847 | 1 Oracle | 1 Peoplesoft Products | 2013-10-31 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensation component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to eCompensation. | |||||
| CVE-2013-5845 | 1 Oracle | 1 Ilearning | 2013-10-31 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. | |||||
| CVE-2013-5859 | 1 Oracle | 1 Primavera Products Suite | 2013-10-31 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Instantis EnterpriseTrack component in Oracle Primavera Products Suite 8.0.6 and 8.5 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2013-5861 | 1 Oracle | 1 Sunos | 2013-10-31 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect availability via vectors related to Kernel/KSSL. | |||||
| CVE-2013-5856 | 1 Oracle | 1 Industry Applications | 2013-10-31 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.5 SP3, 4.5 SP3a-k, 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.5 SP0, 5.5 SP0b, 5.5.1, and 6.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web. | |||||
| CVE-2013-4210 | 1 Redhat | 4 Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform, Jboss Enterprise Soa Platform and 1 more | 2013-10-31 | 5.0 MEDIUM | N/A |
| The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. | |||||
| CVE-2013-0184 | 1 Rack Project | 1 Rack | 2013-10-31 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings." | |||||
| CVE-2012-1682 | 1 Oracle | 2 Jdk, Jre | 2013-10-31 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | |||||
| CVE-2012-4529 | 1 Redhat | 2 Jboss Community Application Server, Jboss Enterprise Application Platform | 2013-10-30 | 4.3 MEDIUM | N/A |
| The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log. | |||||
| CVE-2013-1056 | 1 Canonical | 1 Ubuntu Linux | 2013-10-29 | 1.9 LOW | N/A |
| X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files. | |||||
| CVE-2013-6284 | 1 Sap | 1 Erp Central Component | 2013-10-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability." | |||||
| CVE-2013-5549 | 1 Cisco | 1 Ios Xr | 2013-10-25 | 7.1 HIGH | N/A |
| Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCuh30380. | |||||
| CVE-2013-5166 | 1 Apple | 1 Mac Os X | 2013-10-24 | 4.9 MEDIUM | N/A |
| The Bluetooth USB host controller in Apple Mac OS X before 10.9 prematurely deletes interfaces, which allows local users to cause a denial of service (system crash) via a crafted application. | |||||
| CVE-2013-5815 | 1 Oracle | 2 Identity Analytics, Sun Role Manager | 2013-10-24 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Identity Analytics component in Oracle Fusion Middleware Oracle Identity Analytics 11.1.1.5 and Sun Role Manager 4.1 and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. | |||||
| CVE-2013-5798 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. | |||||
| CVE-2013-5827 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management. | |||||
| CVE-2013-5766 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs. | |||||
| CVE-2013-5773 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5.0 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime. | |||||
| CVE-2013-5828 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management. | |||||
| CVE-2013-3831 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Demos. | |||||
| CVE-2013-3836 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to ESI/Partial Page Caching. | |||||
| CVE-2013-3828 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.0 and 11.1.1.6.0 allows remote attackers to affect confidentiality via unknown vectors related to Test Page. | |||||
| CVE-2013-3762 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management. | |||||
| CVE-2013-3833 | 1 Oracle | 1 Fusion Middleware | 2013-10-24 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 and 11.1.2.0.0 allows remote attackers to affect integrity via unknown vectors related to Authentication Engine. | |||||
| CVE-2013-5822 | 1 Oracle | 1 Ilearning | 2013-10-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Learner Administration. | |||||
| CVE-2013-5816 | 1 Oracle | 1 Fusion Middleware | 2013-10-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to Metro. | |||||
| CVE-2013-5811 | 1 Oracle | 1 Industry Applications | 2013-10-17 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.5 SP3, 4.5 SP3a-k, 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, and 5.0 SP1a-b allows remote authenticated users to affect confidentiality via unknown vectors related to Web. | |||||
| CVE-2013-5799 | 1 Oracle | 1 Supply Chain Products Suite | 2013-10-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.2 allows remote attackers to affect integrity via unknown vectors related to Security. | |||||
| CVE-2013-5796 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to Web Services. | |||||
| CVE-2013-5792 | 1 Oracle | 1 E-business Suite | 2013-10-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Techstack component in Oracle E-Business Suite 12.1 allows remote attackers to affect confidentiality via unknown vectors related to Apache. | |||||
| CVE-2013-5781 | 1 Oracle | 4 Sparc T4-1, Sparc T4-1b, Sparc T4-4 and 1 more | 2013-10-16 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running Sun System Firmware before 8.3.0.b allows local users to affect confidentiality, integrity, and availability via vectors related to Sun System Firmware/Integrated Lights Out Manager (ILOM). | |||||
| CVE-2013-5779 | 1 Oracle | 1 Peoplesoft Products | 2013-10-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect confidentiality via vectors related to PIA Core Technology. | |||||
| CVE-2013-5768 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to ActiveX Controls. | |||||
| CVE-2013-5769 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 allows remote authenticated users to affect availability via unknown vectors related to Web Services. | |||||
| CVE-2013-5762 | 1 Oracle | 1 Industry Applications | 2013-10-16 | 2.4 LOW | N/A |
| Unspecified vulnerability in the Oracle Siebel CTMS component in Oracle Industry Applications 8.1.1.x allows local users to affect confidentiality and availability via unknown vectors related to SC-OC Integration. | |||||
| CVE-2013-5765 | 1 Oracle | 1 Peoplesoft Products | 2013-10-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect availability via vectors related to XML Publisher. | |||||
| CVE-2013-5761 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Integration - Scripting. | |||||
| CVE-2013-3841 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Web Services. | |||||
| CVE-2013-3838 | 1 Oracle | 12 Sparc Enterprise M8000 Server, Sparc Enterprise M9000 Server, Sparc T3-1 and 9 more | 2013-10-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmware before 6.7.13 for SPARC T1, 7.4.6.c for SPARC T2, 8.3.0.b for SPARC T3 & T4, 9.0.0.d for SPARC T5 and 9.0.1.e for SPARC M5 allows local users to affect availability via unknown vectors related to Sun System Firmware/Hypervisor. | |||||
| CVE-2013-3840 | 1 Oracle | 1 Siebel Crm | 2013-10-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Services. | |||||
| CVE-2013-3834 | 1 Oracle | 1 Virtualization | 2013-10-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv. | |||||