Latest CVE Feed
-
4.0
MEDIUMCVE-2011-1892
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Serv... Read more
- Published: Sep. 15, 2011
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-4263
The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCut36851.... Read more
- Published: Jul. 10, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka B... Read more
Affected Products : nx-os nexus_93120tx nexus_93128tx nexus_9332pq nexus_9336pq_aci_spine nexus_9372px nexus_9372tx nexus_9396px nexus_9396tx nexus_9504 +2 more products- Published: Jun. 27, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5718
Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_deb... Read more
Affected Products : content_gateway- Published: Aug. 12, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5610
The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-admin... Read more
Affected Products : n-able_n-central- Published: Jul. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-3231
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.... Read more
- Published: Jun. 22, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4816
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_tus mysql enterprise_linux_eus +3 more products- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-6407
Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter, aka Bug ID CSCuv25501.... Read more
Affected Products : emergency_responder- Published: Dec. 13, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.... Read more
Affected Products : virtual_system_administrator- Published: Jul. 20, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2006-3921
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.... Read more
- Published: Jul. 28, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2015-5623
WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action... Read more
- Published: Aug. 03, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2017-15136
When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates.... Read more
Affected Products : satellite- Published: Feb. 27, 2018
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2017-10220
Vulnerability in the Hospitality Property Interfaces component of Oracle Hospitality Applications (subcomponent: Parser). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the ... Read more
Affected Products : hospitality_suite8_property_interfaces- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2017-10254
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network acc... Read more
Affected Products : peoplesoft_enterprise_staffing_front_office- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2017-10426
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network acc... Read more
Affected Products : peoplesoft_enterprise_staffing_front_office- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2020-14860
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Oct. 21, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2013-0443
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality a... Read more
- Published: Feb. 02, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2013-0456
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.... Read more
- Published: Jul. 03, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-5966
The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command.... Read more
Affected Products : dsl-2730u- Published: Dec. 13, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2013-0470
HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by listing image files.... Read more
- Published: Apr. 05, 2013
- Modified: Apr. 11, 2025