Total
28585 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-0642 | 7 Canonical, Debian, Mariadb and 4 more | 17 Ubuntu Linux, Debian Linux, Mariadb and 14 more | 2024-02-28 | 4.3 MEDIUM | 4.7 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. | |||||
CVE-2016-0667 | 1 Oracle | 1 Mysql | 2024-02-28 | 2.8 LOW | 4.4 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking. | |||||
CVE-2015-8125 | 1 Sensiolabs | 1 Symfony | 2024-02-28 | 7.5 HIGH | N/A |
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component. | |||||
CVE-2016-2474 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. | |||||
CVE-2016-0584 | 1 Oracle | 1 Customer Relationship Management Technical Foundation | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0582, and CVE-2016-0583. | |||||
CVE-2016-3452 | 4 Ibm, Mariadb, Oracle and 1 more | 5 Powerkvm, Mariadb, Linux and 2 more | 2024-02-28 | 4.3 MEDIUM | 3.7 LOW |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption. | |||||
CVE-2015-4843 | 1 Oracle | 2 Jdk, Jre | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | |||||
CVE-2016-1099 | 2 Adobe, Microsoft | 3 Flash Player, Edge, Internet Explorer | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | |||||
CVE-2016-0594 | 2 Opensuse, Oracle | 3 Leap, Opensuse, Mysql | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
CVE-2016-0492 | 1 Oracle | 1 Application Testing Suite | 2024-02-28 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do. | |||||
CVE-2016-0450 | 1 Oracle | 1 Goldengate | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors. | |||||
CVE-2015-5569 | 5 Adobe, Apple, Google and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors. | |||||
CVE-2016-0668 | 6 Canonical, Debian, Mariadb and 3 more | 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more | 2024-02-28 | 1.7 LOW | 4.1 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. | |||||
CVE-2016-0666 | 6 Debian, Ibm, Mariadb and 3 more | 7 Debian Linux, Powerkvm, Mariadb and 4 more | 2024-02-28 | 3.5 LOW | 5.5 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. | |||||
CVE-2015-2596 | 1 Oracle | 2 Jdk, Jre | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot. | |||||
CVE-2016-3547 | 1 Oracle | 1 One-to-one Fulfillment | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Content Manager. | |||||
CVE-2015-4790 | 1 Oracle | 1 Berkeley Db | 2024-02-28 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, and CVE-2015-4789. | |||||
CVE-2016-3564 | 1 Oracle | 1 Toplink | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
Unspecified vulnerability in the Oracle TopLink component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JPA-RS. | |||||
CVE-2015-2653 | 1 Oracle | 1 Commerce Platform | 2024-02-28 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.1.1, 3.1.2, 11.0, and 11.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Content Acquisition System. | |||||
CVE-2016-3503 | 1 Oracle | 2 Jdk, Jre | 2024-02-28 | 4.4 MEDIUM | 7.7 HIGH |
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install. |