Latest CVE Feed
-
4.0
MEDIUMCVE-2014-5393
Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified v... Read more
Affected Products : jobscheduler- Published: Sep. 11, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-2366
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.... Read more
- Published: Jul. 19, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-6131
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 ... Read more
- Published: Mar. 18, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-4758
IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere Lombardi Edition 7.2.x allow remote authenticated users to bypass intended access restrictions and send requests to internal services via a callService URL.... Read more
- Published: Sep. 04, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-2494
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.... Read more
- Published: Jul. 17, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-3946
The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors.... Read more
Affected Products : typo3- Published: Jun. 03, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-9338
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2015-6491
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors.... Read more
- Published: Oct. 28, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2535
Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vul... Read more
- Published: Sep. 09, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-8575
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted appli... Read more
Affected Products : linux_kernel- Published: Feb. 08, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4870
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_tus mysql +5 more products- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_edge_gateway +4 more products- Published: Sep. 17, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2025-49128
Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows... Read more
Affected Products :- Published: Jun. 06, 2025
- Modified: Jun. 09, 2025
- Vuln Type: Information Disclosure
-
4.0
MEDIUMCVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.... Read more
- Published: Jul. 31, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, a... Read more
- Published: Feb. 09, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2009-0922
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding,... Read more
Affected Products : postgresql- Published: Mar. 17, 2009
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2006-2449
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.... Read more
- Published: Jun. 15, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2008-3991
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990.... Read more
- Published: Oct. 14, 2008
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2009-2906
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.... Read more
- Published: Oct. 07, 2009
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2021-21781
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak ke... Read more
- Published: Aug. 18, 2021
- Modified: Nov. 21, 2024