Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-1950 | 6.8 |
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via
|
22-10-2024 - 13:42 | 13-03-2016 - 18:59 | |
CVE-2013-2566 | 4.3 |
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that u
|
21-10-2024 - 13:55 | 15-03-2013 - 21:55 | |
CVE-2016-2107 | 2.6 |
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against
|
16-02-2024 - 19:19 | 05-05-2016 - 01:59 | |
CVE-2015-0235 | 10.0 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
|
14-02-2024 - 01:17 | 28-01-2015 - 19:59 | |
CVE-2015-4852 | 7.5 |
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_comm
|
21-12-2023 - 01:31 | 18-11-2015 - 15:59 | |
CVE-2015-0423 | 4.0 |
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
12-09-2023 - 14:45 | 16-04-2015 - 16:59 | |
CVE-2010-5312 | 4.3 |
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
|
21-06-2023 - 18:26 | 24-11-2014 - 16:59 | |
CVE-2015-1792 | 5.0 |
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL valu
|
13-02-2023 - 00:46 | 12-06-2015 - 19:59 | |
CVE-2015-1789 | 4.3 |
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a cr
|
13-02-2023 - 00:46 | 12-06-2015 - 19:59 | |
CVE-2014-0114 | 7.5 |
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "m
|
13-02-2023 - 00:32 | 30-04-2014 - 10:49 | |
CVE-2016-6303 | 7.5 |
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vect
|
12-02-2023 - 23:24 | 16-09-2016 - 05:59 | |
CVE-2016-2183 | 5.0 |
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
|
12-02-2023 - 23:17 | 01-09-2016 - 00:59 | |
CVE-2016-5504 | 4.7 |
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal.
|
01-02-2023 - 17:51 | 25-10-2016 - 14:29 | |
CVE-2016-6664 | 6.9 |
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5
|
24-01-2023 - 16:09 | 13-12-2016 - 21:59 | |
CVE-2016-6308 | 7.1 |
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
CVE-2016-6302 | 5.0 |
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
|
13-12-2022 - 12:15 | 16-09-2016 - 05:59 | |
CVE-2016-6307 | 4.3 |
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
CVE-2016-6306 | 4.3 |
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
CVE-2016-6304 | 7.8 |
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
CVE-2016-6305 | 5.0 |
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
|
13-12-2022 - 12:15 | 26-09-2016 - 19:59 | |
CVE-2016-2106 | 5.0 |
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
CVE-2016-2179 | 5.0 |
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many
|
13-12-2022 - 12:15 | 16-09-2016 - 05:59 | |
CVE-2016-2176 | 6.4 |
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EB
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
CVE-2016-2109 | 7.8 |
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
CVE-2016-2181 | 5.0 |
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops
|
13-12-2022 - 12:15 | 16-09-2016 - 05:59 | |
CVE-2016-2182 | 7.5 |
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified ot
|
13-12-2022 - 12:15 | 16-09-2016 - 05:59 | |
CVE-2016-2178 | 2.1 |
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
|
13-12-2022 - 12:15 | 20-06-2016 - 01:59 | |
CVE-2016-2177 | 7.5 |
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveragi
|
13-12-2022 - 12:15 | 20-06-2016 - 01:59 | |
CVE-2015-3197 | 4.3 |
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 tra
|
13-12-2022 - 12:15 | 15-02-2016 - 02:59 | |
CVE-2016-2180 | 5.0 |
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application cra
|
13-12-2022 - 12:15 | 01-08-2016 - 02:59 | |
CVE-2016-2105 | 5.0 |
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
CVE-2015-3195 | 5.0 |
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob
|
13-12-2022 - 12:15 | 06-12-2015 - 20:59 | |
CVE-2015-1790 | 5.0 |
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)
|
13-12-2022 - 12:15 | 12-06-2015 - 19:59 | |
CVE-2015-1791 | 6.8 |
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial
|
13-12-2022 - 12:15 | 12-06-2015 - 19:59 | |
CVE-2015-1788 | 4.3 |
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial
|
13-12-2022 - 12:15 | 12-06-2015 - 19:59 | |
CVE-2015-0286 | 5.0 |
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2016-7440 | 2.1 |
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
|
27-10-2022 - 15:59 | 13-12-2016 - 16:59 | |
CVE-2016-5584 | 3.5 |
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
|
27-10-2022 - 15:12 | 25-10-2016 - 14:30 | |
CVE-2015-0382 | 4.3 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
|
30-08-2022 - 17:36 | 21-01-2015 - 18:59 | |
CVE-2015-0381 | 4.3 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
|
30-08-2022 - 17:30 | 21-01-2015 - 18:59 | |
CVE-2016-5635 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5632 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5633 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5631 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5634 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5628 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.
|
29-08-2022 - 20:48 | 25-10-2016 - 14:31 | |
CVE-2016-5625 | 4.4 |
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.
|
26-08-2022 - 17:15 | 25-10-2016 - 14:31 | |
CVE-2016-5507 | 6.8 |
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
|
26-08-2022 - 16:38 | 25-10-2016 - 14:29 | |
CVE-2016-3495 | 6.8 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
|
26-08-2022 - 16:38 | 25-10-2016 - 14:29 | |
CVE-2015-0433 | 4.0 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
|
26-08-2022 - 16:03 | 16-04-2015 - 16:59 | |
CVE-2014-0224 | 5.8 |
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL
|
16-08-2022 - 13:30 | 05-06-2014 - 21:55 | |
CVE-2016-7052 | 5.0 |
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
|
16-08-2022 - 13:17 | 26-09-2016 - 19:59 | |
CVE-2016-5630 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
|
05-08-2022 - 14:24 | 25-10-2016 - 14:31 | |
CVE-2016-5629 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
|
05-08-2022 - 14:24 | 25-10-2016 - 14:31 | |
CVE-2016-5627 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.
|
04-08-2022 - 20:01 | 25-10-2016 - 14:31 | |
CVE-2016-5609 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
|
04-08-2022 - 20:00 | 25-10-2016 - 14:31 | |
CVE-2015-2568 | 5.0 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
|
04-08-2022 - 19:58 | 16-04-2015 - 17:00 | |
CVE-2015-1351 | 7.5 |
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
04-08-2022 - 15:46 | 30-03-2015 - 10:59 | |
CVE-2016-5612 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
|
20-07-2022 - 16:25 | 25-10-2016 - 14:31 | |
CVE-2016-5626 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
|
19-07-2022 - 17:13 | 25-10-2016 - 14:31 | |
CVE-2016-5624 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
|
19-07-2022 - 17:04 | 25-10-2016 - 14:31 | |
CVE-2016-3492 | 6.8 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
|
18-07-2022 - 17:42 | 25-10-2016 - 14:29 | |
CVE-2015-0411 | 7.5 |
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
|
01-07-2022 - 14:14 | 21-01-2015 - 19:59 | |
CVE-2016-5568 | 9.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5542 | 4.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5582 | 9.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5573 | 6.8 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5556 | 9.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5554 | 4.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:30 | |
CVE-2016-5597 | 4.3 |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
|
13-05-2022 - 14:57 | 25-10-2016 - 14:31 | |
CVE-2014-9296 | 5.0 |
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
|
17-11-2021 - 22:15 | 20-12-2014 - 02:59 | |
CVE-2014-9293 | 7.5 |
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
|
17-11-2021 - 22:15 | 20-12-2014 - 02:59 | |
CVE-2014-9294 | 7.5 |
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
|
17-11-2021 - 22:15 | 20-12-2014 - 02:59 | |
CVE-2014-9295 | 7.5 |
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata func
|
17-11-2021 - 22:15 | 20-12-2014 - 02:59 | |
CVE-2016-6662 | 10.0 |
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow loc
|
04-08-2021 - 17:15 | 20-09-2016 - 18:59 | |
CVE-2014-0050 | 7.5 |
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that b
|
17-07-2021 - 08:15 | 01-04-2014 - 06:27 | |
CVE-2016-4979 | 5.0 |
The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restri
|
06-06-2021 - 11:15 | 06-07-2016 - 14:59 | |
CVE-2016-1546 | 4.3 |
The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via mo
|
06-06-2021 - 11:15 | 06-07-2016 - 14:59 | |
CVE-2013-4444 | 6.8 |
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP f
|
07-01-2021 - 00:15 | 12-09-2014 - 01:55 | |
CVE-2016-1181 | 6.8 |
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart reques
|
15-07-2020 - 03:15 | 04-07-2016 - 22:59 | |
CVE-2016-1182 | 6.4 |
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related iss
|
15-07-2020 - 03:15 | 04-07-2016 - 22:59 | |
CVE-2015-3253 | 7.5 |
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
|
24-06-2020 - 05:15 | 13-08-2015 - 14:59 | |
CVE-2016-5558 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
27-09-2019 - 17:04 | 25-10-2016 - 14:30 | |
CVE-2016-3081 | 9.3 |
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
|
12-08-2019 - 21:15 | 26-04-2016 - 14:59 | |
CVE-2016-0635 | 9.0 |
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.
|
23-04-2019 - 19:29 | 21-07-2016 - 10:12 | |
CVE-2016-0714 | 6.5 |
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restric
|
15-04-2019 - 16:30 | 25-02-2016 - 01:59 | |
CVE-2016-0706 | 4.0 |
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote aut
|
15-04-2019 - 16:30 | 25-02-2016 - 01:59 | |
CVE-2013-4590 | 4.3 |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML d
|
15-04-2019 - 16:29 | 26-02-2014 - 14:55 | |
CVE-2013-4286 | 5.8 |
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identifi
|
15-04-2019 - 16:29 | 26-02-2014 - 14:55 | |
CVE-2013-4322 | 4.3 |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field
|
15-04-2019 - 16:29 | 26-02-2014 - 14:55 | |
CVE-2013-2067 | 6.8 |
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions,
|
15-04-2019 - 16:29 | 01-06-2013 - 14:21 | |
CVE-2014-0227 | 6.4 |
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote atta
|
15-04-2019 - 16:29 | 16-02-2015 - 00:59 | |
CVE-2014-0099 | 4.3 |
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a craf
|
15-04-2019 - 16:29 | 31-05-2014 - 11:17 | |
CVE-2014-0096 | 4.3 |
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager
|
15-04-2019 - 16:29 | 31-05-2014 - 11:17 | |
CVE-2014-0119 | 4.3 |
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web a
|
15-04-2019 - 16:29 | 31-05-2014 - 11:17 | |
CVE-2014-0075 | 5.0 |
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource
|
15-04-2019 - 16:29 | 31-05-2014 - 11:17 | |
CVE-2016-0763 | 6.5 |
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, wh
|
21-03-2019 - 15:59 | 25-02-2016 - 01:59 | |
CVE-2016-8288 | 4.9 |
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.
|
07-03-2019 - 20:03 | 25-10-2016 - 14:31 | |
CVE-2016-8284 | 1.2 |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.
|
07-03-2019 - 20:03 | 25-10-2016 - 14:31 | |
CVE-2016-8283 | 4.0 |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
|
07-03-2019 - 20:02 | 25-10-2016 - 14:31 | |
CVE-2016-6663 | 4.4 |
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.
|
05-03-2019 - 18:23 | 13-12-2016 - 21:59 | |
CVE-2016-5613 | 2.1 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.
|
04-03-2019 - 17:01 | 25-10-2016 - 14:31 | |
CVE-2016-5611 | 2.1 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.
|
04-03-2019 - 15:48 | 25-10-2016 - 14:31 | |
CVE-2016-5610 | 4.6 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core.
|
04-03-2019 - 15:46 | 25-10-2016 - 14:31 | |
CVE-2016-5608 | 2.1 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613.
|
04-03-2019 - 15:41 | 25-10-2016 - 14:31 | |
CVE-2016-5501 | 7.2 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerabi
|
04-03-2019 - 15:38 | 25-10-2016 - 14:29 | |
CVE-2015-7940 | 5.0 |
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "
|
16-01-2019 - 19:29 | 09-11-2015 - 16:59 | |
CVE-2015-1793 | 6.4 |
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers t
|
30-11-2018 - 21:30 | 09-07-2015 - 19:17 | |
CVE-2016-5531 | 7.5 |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
|
30-10-2018 - 16:27 | 25-10-2016 - 14:30 | |
CVE-2016-5601 | 3.3 |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
|
30-10-2018 - 16:27 | 25-10-2016 - 14:31 | |
CVE-2016-5535 | 7.5 |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
30-10-2018 - 16:27 | 25-10-2016 - 14:30 | |
CVE-2016-5488 | 5.0 |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445.
|
30-10-2018 - 16:27 | 25-10-2016 - 14:29 | |
CVE-2016-3505 | 9.0 |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer
|
30-10-2018 - 16:27 | 25-10-2016 - 14:29 | |
CVE-2012-1007 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-co
|
17-10-2018 - 01:29 | 07-02-2012 - 04:09 | |
CVE-2016-5574 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
09-10-2018 - 20:00 | 25-10-2016 - 14:30 | |
CVE-2016-5537 | 4.6 |
Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has
|
09-10-2018 - 20:00 | 25-10-2016 - 14:30 | |
CVE-2014-7809 | 6.8 |
Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.
|
09-10-2018 - 19:53 | 10-12-2014 - 15:59 | |
CVE-2015-5351 | 6.8 |
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protec
|
19-07-2018 - 01:29 | 25-02-2016 - 01:59 | |
CVE-2014-2532 | 5.8 |
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
|
19-07-2018 - 01:29 | 18-03-2014 - 05:18 | |
CVE-2016-6309 | 10.0 |
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.
|
12-07-2018 - 01:29 | 26-09-2016 - 19:59 | |
CVE-2016-5598 | 6.8 |
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
|
02-05-2018 - 15:20 | 25-10-2016 - 14:31 | |
CVE-2016-1881 | 7.2 |
The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call.
|
30-01-2018 - 02:29 | 15-02-2017 - 15:59 | |
CVE-2014-3571 | 5.0 |
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation fo
|
20-10-2017 - 01:29 | 09-01-2015 - 02:59 | |
CVE-2015-0409 | 4.0 |
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
08-09-2017 - 01:29 | 21-01-2015 - 18:59 | |
CVE-2016-3473 | 4.0 |
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.
|
03-09-2017 - 01:29 | 25-10-2016 - 14:29 | |
CVE-2016-5596 | 4.0 |
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5585 | 6.4 |
Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 12.1.1 through 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5589 | 6.4 |
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5577 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5498 | 2.1 |
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5619 | 5.5 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5591 | 6.4 |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5595 | 6.4 |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5587 | 6.4 |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5570 | 5.5 |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5581 | 4.6 |
Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5562 | 4.9 |
Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5538 | 7.2 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerabi
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-8295 | 4.0 |
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5622 | 7.8 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vecto
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5588 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5555 | 6.5 |
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5544 | 7.2 |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-8296 | 4.9 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to LDAP.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5567 | 5.5 |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5479 | 4.0 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-8293 | 5.8 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerabil
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-8289 | 3.3 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5561 | 2.6 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5530 | 5.8 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerabil
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5500 | 5.0 |
Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to Viewer.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5607 | 6.5 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality, integrity, a
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5557 | 5.8 |
Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-8292 | 5.8 |
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Talent Acquisition Manager.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5618 | 3.5 |
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related t
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5606 | 5.6 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5495 | 5.0 |
Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5600 | 5.5 |
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5594 | 4.0 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5511 | 4.3 |
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-8294 | 4.0 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5572 | 4.4 |
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5536 | 6.5 |
Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vecto
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5489 | 7.8 |
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via vectors related to Runtime Catalog.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5579 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5502 | 5.5 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via vectors related
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5499 | 2.1 |
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-8291 | 5.8 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Mobile Application Platform.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5603 | 4.0 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors r
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5586 | 6.4 |
Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5576 | 4.9 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5497 | 4.4 |
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5604 | 3.3 |
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerabi
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-8286 | 3.5 |
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5569 | 5.5 |
Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote authenticated users to affect confidentiality and integrity via unknown v
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5506 | 3.3 |
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5490 | 2.1 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-8290 | 3.5 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2016-5532 | 5.0 |
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-8285 | 4.9 |
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote administrators to affect confidentiality and integrity via vectors related to Candidate Gateway.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5605 | 6.4 |
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5583 | 5.0 |
Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5566 | 5.0 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5553 | 4.7 |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5592 | 6.4 |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5578 | 7.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-8287 | 3.5 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5571 | 5.5 |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5559 | 4.0 |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5529 | 5.8 |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerabil
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5516 | 4.7 |
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5487 | 4.6 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5620 | 5.5 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5615 | 2.1 |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5493 | 4.9 |
Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5543 | 5.8 |
Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote attackers to affect confidentiality and integrity via vectors related to
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5519 | 6.5 |
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5508 | 2.1 |
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-8281 | 6.5 |
Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vecto
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5621 | 4.0 |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors relat
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5602 | 3.5 |
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Gener
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5593 | 6.4 |
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulne
|
29-07-2017 - 01:34 | 25-10-2016 - 14:31 | |
CVE-2016-5575 | 5.0 |
Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Resources Module.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5525 | 2.1 |
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:30 | |
CVE-2016-5517 | 2.1 |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5505 | 2.1 |
Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-5480 | 1.9 |
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-3562 | 4.3 |
Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2016-3551 | 10.0 |
Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS
|
29-07-2017 - 01:34 | 25-10-2016 - 14:29 | |
CVE-2015-0500 | 4.0 |
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
|
03-01-2017 - 02:59 | 16-04-2015 - 16:59 | |
CVE-2016-5599 | 6.4 |
Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.
|
28-11-2016 - 20:27 | 25-10-2016 - 14:31 | |
CVE-2016-5563 | 6.0 |
Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators to affect confidentiality, integrity, and availabili
|
28-11-2016 - 20:27 | 25-10-2016 - 14:30 | |
CVE-2016-5564 | 6.5 |
Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality, integrity, and avail
|
28-11-2016 - 20:27 | 25-10-2016 - 14:30 | |
CVE-2016-5580 | 5.5 |
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services.
|
28-11-2016 - 20:27 | 25-10-2016 - 14:30 | |
CVE-2016-5565 | 4.0 |
Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality via vectors related t
|
28-11-2016 - 20:27 | 25-10-2016 - 14:30 | |
CVE-2016-5560 | 5.5 |
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to OpenUI.
|
28-11-2016 - 20:27 | 25-10-2016 - 14:30 | |
CVE-2016-5515 | 6.5 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5503 | 4.6 |
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality, integrity, and availability via vectors related to Core Services.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5482 | 5.8 |
Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5523 | 6.5 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AutoVue Java Applet.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5522 | 4.0 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5527 | 4.3 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5524.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5514 | 6.5 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to ExportServlet.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5533 | 5.5 |
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.4, 15.x, and 16.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5526 | 7.5 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Apache Tomcat.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5513 | 4.0 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5486 | 4.9 |
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Services.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5539 | 4.6 |
Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5524 | 5.0 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5527.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5518 | 6.8 |
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to webfil
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5521 | 7.5 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5512.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5510 | 5.0 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5534 | 4.0 |
Unspecified vulnerability in the Siebel Apps - Customer Order Management component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5540 | 3.3 |
Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:30 | |
CVE-2016-5512 | 4.3 |
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5521.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5492 | 3.6 |
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality and integrity via vectors related to SMB Users.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5481 | 4.3 |
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows remote attackers to affect confidentiality via vectors related to Core Services.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
CVE-2016-5491 | 5.8 |
Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 |