Latest CVE Feed
-
4.0
MEDIUMCVE-2020-14633
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compro... Read more
- Published: Jul. 15, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4338
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all... Read more
Affected Products : cups-filters- Published: Jun. 22, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-31906
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.... Read more
Affected Products : teamcity- Published: May. 11, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-29671
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.... Read more
Affected Products : spectrum_scale- Published: Apr. 09, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2013-1416
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of servic... Read more
- Published: Apr. 19, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.... Read more
- Published: Jul. 17, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2013-0776
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 40... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus opensuse +3 more products- Published: Feb. 19, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2016-0690
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691.... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0432
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation mysql mariadb solaris linux_enterprise_server +4 more products- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2020-11040
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.... Read more
- Published: May. 29, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves... Read more
Affected Products : fedora snapcenter e-series_santricity_os_controller e-series_santricity_web_services storage_replication_adapter_for_clustered_data_ontap vasa_provider_for_clustered_data_ontap virtual_storage_console solr autovue_for_agile_product_lifecycle_management communications_services_gatekeeper +13 more products- Published: Apr. 01, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-3528
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication r... Read more
- Published: Aug. 19, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2022-22266
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.... Read more
- Published: Jan. 10, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-21372
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multip... Read more
- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-21249
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-21423
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compro... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Apr. 19, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-27832
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.... Read more
- Published: Apr. 11, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations... Read more
Affected Products : ktor- Published: Apr. 11, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-20551
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.... Read more
- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4297
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4... Read more
Affected Products : database_server- Published: Oct. 15, 2014
- Modified: Apr. 12, 2025