Latest CVE Feed
-
4.0
MEDIUMCVE-2013-3780
Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Saved Search.... Read more
Affected Products : peoplesoft_products- Published: Jul. 17, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-3144
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.... Read more
Affected Products : mysql- Published: Oct. 16, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-3863
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digi... Read more
- Published: Jul. 09, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2016-4707
CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.... Read more
- Published: Sep. 25, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2007-2041
Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CS... Read more
- Published: Apr. 16, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2012-5563
OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue ex... Read more
Affected Products : folsom- Published: Dec. 18, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-3388
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vect... Read more
Affected Products : moodle- Published: Jul. 23, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2007-5239
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) ap... Read more
- Published: Oct. 06, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2007-3600
WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 allows remote authenticated users to bypass field level security permissions and merge arbitrary fields in an Email template, as demonstrated by the fields in the Contact module.... Read more
Affected Products : vtiger_crm- Published: Jul. 06, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2014-1682
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.... Read more
- Published: May. 08, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2013-6800
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a differ... Read more
- Published: Nov. 18, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-5413
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.... Read more
Affected Products : version_control_repository_manager- Published: Aug. 26, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2007-3785
Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBlackbox (sbb) 5.1.0.112 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: t... Read more
Affected Products : secureblackbox- Published: Jul. 15, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2007-3639
WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via (1) the _wp_http_referer parameter to wp-pass.php, related to the wp_get_referer function in wp-includes/functions.php; ... Read more
Affected Products : wordpress- Published: Jul. 10, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2015-2266
message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conversations, which allows remote authenticated users to obt... Read more
Affected Products : moodle- Published: Jun. 01, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-5375
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file ... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-5374
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2007-6095
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages int... Read more
- Published: Nov. 22, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2007-0297
Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.11 and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE03.... Read more
- Published: Jan. 17, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2006-6964
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.... Read more
Affected Products : mailenable_professional- Published: Jan. 29, 2007
- Modified: Apr. 09, 2025