Latest CVE Feed
-
4.0
MEDIUMCVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.... Read more
- Published: Jul. 17, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-29671
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.... Read more
Affected Products : spectrum_scale- Published: Apr. 09, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4338
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all... Read more
Affected Products : cups-filters- Published: Jun. 22, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2011-4320
The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute.... Read more
Affected Products : ejabberd- Published: Feb. 18, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2015-3181
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to b... Read more
Affected Products : moodle- Published: Jun. 01, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-0401
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.... Read more
- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2014-3528
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication r... Read more
- Published: Aug. 19, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-28376
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.... Read more
Affected Products : chronoforums- Published: Jan. 12, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-4743
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to AD Utilities.... Read more
Affected Products : e-business_suite- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-0534
Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session.... Read more
Affected Products : database_server- Published: May. 03, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2012-0583
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.... Read more
- Published: May. 03, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2021-2301
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Apr. 22, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-0432
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation mysql mariadb solaris linux_enterprise_server +4 more products- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves... Read more
Affected Products : fedora snapcenter e-series_santricity_os_controller e-series_santricity_web_services storage_replication_adapter_for_clustered_data_ontap vasa_provider_for_clustered_data_ontap virtual_storage_console solr autovue_for_agile_product_lifecycle_management communications_services_gatekeeper +13 more products- Published: Apr. 01, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-28566
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure o... Read more
- Published: Sep. 08, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4287
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.... Read more
- Published: Oct. 15, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2020-1717
A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.... Read more
- Published: Feb. 11, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2023-30724
Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history.... Read more
Affected Products : gallery- Published: Sep. 06, 2023
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2023-30717
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.... Read more
- Published: Sep. 06, 2023
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2020-35762
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files.... Read more
Affected Products : bloofoxcms- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024