Latest CVE Feed
-
4.0
MEDIUMCVE-2019-19964
On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication.... Read more
- Published: Mar. 23, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-0317
An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR value... Read more
Affected Products : go-attestation- Published: Feb. 04, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2011-2774
The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.... Read more
Affected Products : mahara- Published: Nov. 15, 2011
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2025-31335
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).... Read more
Affected Products :- Published: Mar. 28, 2025
- Modified: Mar. 28, 2025
- Vuln Type: Authentication
-
4.0
MEDIUMCVE-2025-25194
Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. This vulnerability, which is present in versions 0.6.2 and prior... Read more
Affected Products : lemmy- Published: Feb. 10, 2025
- Modified: Feb. 10, 2025
- Vuln Type: Server-Side Request Forgery
-
4.0
MEDIUMCVE-2024-57822
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().... Read more
Affected Products : raptor_rdf_syntax_library- Published: Jan. 10, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-30721
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the ... Read more
Affected Products : mysql_server- Published: Apr. 15, 2025
- Modified: Jun. 23, 2025
- Vuln Type: Denial of Service
-
4.0
MEDIUMCVE-2019-2569
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to th... Read more
- Published: Jul. 23, 2019
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-2125
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors.... Read more
Affected Products : webinspect- Published: Jun. 07, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4752
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.... Read more
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-3024
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.... Read more
- Published: Feb. 01, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2016-0587
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2868
IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.... Read more
Affected Products : qradar_security_information_and_event_manager- Published: Jul. 02, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-2571
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0596
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.... Read more
Affected Products : ubuntu_linux enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_eus mysql +6 more products- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0595
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-1488
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.... Read more
Affected Products : endpoint_protection_manager- Published: Aug. 01, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0614
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2947
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 ... Read more
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-11077
An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.... Read more
Affected Products : mattermost_server- Published: Jun. 19, 2020
- Modified: Nov. 21, 2024