Latest CVE Feed
-
4.0
MEDIUMCVE-2015-0517
The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 before P11 places the MD5 hash of an encryption passphrase in log files, which allows remote authenticated users to obtain sensitive information by reading a fi... Read more
Affected Products : documentum_d2- Published: Feb. 14, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-3221
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset ... Read more
- Published: Aug. 26, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4314
The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422.... Read more
Affected Products : telepresence_video_communication_server_software- Published: Aug. 20, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0500
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5253
The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."... Read more
Affected Products : cxf- Published: Nov. 18, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2020-4371
IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008.... Read more
Affected Products : verify_gateway- Published: Jul. 22, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-3030
The web interface in McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote authenticated users to obtain sensitive configuration information via unspecified vectors.... Read more
Affected Products : advanced_threat_defense- Published: Apr. 08, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4738
Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more
Affected Products : peoplesoft_products- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-3289
OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by repeatedly using the import task flow API to create images and then deleting them.... Read more
Affected Products : glance- Published: Aug. 14, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka B... Read more
Affected Products : nx-os nexus_93120tx nexus_93128tx nexus_9332pq nexus_9336pq_aci_spine nexus_9372px nexus_9372tx nexus_9396px nexus_9396tx nexus_9504 +2 more products- Published: Jun. 27, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0475
Unspecified vulnerability in the JD Edwards EnterpriseOne Technology component in Oracle JD Edwards Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Runtime Security.... Read more
Affected Products : jd_edwards_products- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0487
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2... Read more
Affected Products : peoplesoft_products- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4762
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching.... Read more
Affected Products : e-business_suite- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-2385
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.... Read more
Affected Products : mosh- Published: Jun. 29, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-3231
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.... Read more
- Published: Jun. 22, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-5250
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data.... Read more
- Published: Sep. 08, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0673
Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the passwords of arbitrary users by (1) reading log files or (2) using an unspecified GUI feature, aka Bug ID CSCut24792.... Read more
- Published: Mar. 26, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-2738
The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.... Read more
Affected Products : vte- Published: Jul. 22, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-4214
Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source code, aka Bug ID CSCuu33050.... Read more
Affected Products : unified_meetingplace- Published: Jun. 24, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-3180
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended en... Read more
Affected Products : moodle- Published: Jun. 01, 2015
- Modified: Apr. 12, 2025