Latest CVE Feed
-
4.0
MEDIUMCVE-2016-3516
Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability... Read more
Affected Products : enterprise_communications_broker- Published: Jul. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4752
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.... Read more
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-11077
An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.... Read more
Affected Products : mattermost_server- Published: Jun. 19, 2020
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2016-3024
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.... Read more
- Published: Feb. 01, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2015-2571
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2947
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 ... Read more
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2868
IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.... Read more
Affected Products : qradar_security_information_and_event_manager- Published: Jul. 02, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2006-5198
The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 before build 7245 allows remote attackers to execute arbitrary code via unspecified "unsafe methods."... Read more
Affected Products : winzip- Published: Nov. 14, 2006
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2006-6058
The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be... Read more
Affected Products : linux_kernel- Published: Nov. 22, 2006
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2021-32653
Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user has no fields set to published. The vulnerability is patched in versions ... Read more
- Published: Jun. 01, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2017-3317
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker... Read more
- Published: Jan. 27, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2006-3934
Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter.... Read more
Affected Products : opencms- Published: Jul. 31, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2021-36057
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local applic... Read more
- Published: Sep. 01, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2017-3318
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high priv... Read more
- Published: Jan. 27, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2021-2326
Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to... Read more
- Published: Jul. 21, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-6131
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 ... Read more
- Published: Mar. 18, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2020-36826
A vulnerability was found in AwesomestCode LiveBot. It has been classified as problematic. Affected is the function parseSend of the file js/parseMessage.js. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Thi... Read more
Affected Products :- Published: Mar. 25, 2024
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2012-3168
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Siebel Core - Server Infrastructure.... Read more
Affected Products : siebel_crm- Published: Jan. 17, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2014-3641
The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.... Read more
Affected Products : cinder- Published: Oct. 08, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-3667
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.... Read more
- Published: Oct. 16, 2014
- Modified: Apr. 12, 2025