Latest CVE Feed
-
4.0
MEDIUMCVE-2013-1901
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.... Read more
- Published: Apr. 04, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-4804
Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Management component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more
Affected Products : peoplesoft_products- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-8510
The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters.... Read more
Affected Products : interscan_web_security_virtual_appliance- Published: Nov. 07, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0388
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417.... Read more
Affected Products : siebel_crm- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4950
The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for M... Read more
- Published: Aug. 23, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4980
Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authenticated users to obtain sensitive personal information via unknown vectors.... Read more
Affected Products : websphere_commerce- Published: Sep. 14, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka B... Read more
Affected Products : nx-os nexus_93120tx nexus_93128tx nexus_9332pq nexus_9336pq_aci_spine nexus_9372px nexus_9372tx nexus_9396px nexus_9396tx nexus_9504 +2 more products- Published: Jun. 27, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4263
The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCut36851.... Read more
- Published: Jul. 10, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2648
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-2738
The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.... Read more
Affected Products : vte- Published: Jul. 22, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-4866
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.... Read more
- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0299
Multiple cross-site scripting (XSS) vulnerabilities in Open Source Point of Sale 2.3.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : open_source_point_of_sale- Published: Sep. 29, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0465
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote authenticated users to affect confidentiality via unknown vectors... Read more
Affected Products : supply_chain_products_suite- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2697
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field with... Read more
- Published: Nov. 09, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2582
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.... Read more
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5253
The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."... Read more
Affected Products : cxf- Published: Nov. 18, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4858
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_tus mysql +5 more products- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0423
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5250
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data.... Read more
- Published: Sep. 08, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5482
Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdbbpress_attachments page to wp-admin... Read more
Affected Products : gd_bbpress_attachments- Published: Aug. 18, 2015
- Modified: Apr. 12, 2025