Latest CVE Feed
-
4.3
MEDIUMCVE-2021-33011
All versions of the afffected TOYOPUC-PC10 Series,TOYOPUC-Plus Series,TOYOPUC-PC3J/PC2J Series, TOYOPUC-Nano Series products may not be able to properly process an ICMP flood, which may allow an attacker to deny Ethernet communications between affected de... Read more
Affected Products : pc10g-cpu_tcc-6353_firmware pc10ge_tcc-6464_firmware pc10p_tcc-6372_firmware pc10p-dp_tcc-6726_firmware pc10p-dp-io_tcc-6752_firmware pc10b-p_tcc-6373_firmware pc10b_tcc-1021_firmware pc10b-e\/c_tcu-6521_firmware plus_cpu_tcc-6740_firmware plus_ex_tcu-6741_firmware +44 more products- Published: Sep. 10, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-39871
In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call.... Read more
Affected Products : gitlab- Published: Oct. 04, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-39932
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to tri... Read more
Affected Products : gitlab- Published: Dec. 13, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-39857
Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage t... Read more
- Published: Sep. 29, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-37191
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.... Read more
Affected Products : sinema_remote_connect_server- Published: Sep. 14, 2021
- Modified: Apr. 23, 2025
-
4.3
MEDIUMCVE-2021-37192
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve a list of network devices a known user can manage.... Read more
Affected Products : sinema_remote_connect_server- Published: Sep. 14, 2021
- Modified: Apr. 23, 2025
-
4.3
MEDIUMCVE-2021-39911
An improper access control flaw in all versions of GitLab CE/EE starting from 13.9 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 exposes private email address of Issue and Merge Requests as... Read more
Affected Products : gitlab- Published: Nov. 05, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-35686
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vulnera... Read more
Affected Products : financial_services_analytical_applications_infrastructure- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-37965
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.... Read more
- Published: Oct. 08, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2024-39411
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass securi... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 14, 2024
-
4.3
MEDIUMCVE-2019-13754
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.... Read more
- Published: Dec. 10, 2019
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2017-10071
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: All Modules). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily expl... Read more
Affected Products : flexcube_universal_banking- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2016-9700
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.... Read more
- Published: Jul. 05, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-10081
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated ... Read more
Affected Products : debian_linux active_iq_unified_manager cloud_backup oncommand_balance oncommand_insight oncommand_performance_manager oncommand_unified_manager jdk jre e-series_santricity_os_controller +9 more products- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2020-6571
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.... Read more
- Published: Sep. 21, 2020
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2016-9735
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,... Read more
- Published: May. 15, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2020-6810
After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user ab... Read more
Affected Products : firefox- Published: Mar. 25, 2020
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2013-0792
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a den... Read more
- Published: Apr. 03, 2013
- Modified: Apr. 11, 2025
-
4.3
MEDIUMCVE-2017-10175
Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Profiles). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows low privileged ... Read more
Affected Products : isupport- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-10133
Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RestAPI). The supported version that is affected is 1.1. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more
Affected Products : hospitality_hotel_mobile- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025