Latest CVE Feed
-
4.0
MEDIUMCVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves... Read more
Affected Products : fedora snapcenter e-series_santricity_os_controller e-series_santricity_web_services storage_replication_adapter_for_clustered_data_ontap vasa_provider_for_clustered_data_ontap virtual_storage_console solr autovue_for_agile_product_lifecycle_management communications_services_gatekeeper +13 more products- Published: Apr. 01, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4338
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all... Read more
Affected Products : cups-filters- Published: Jun. 22, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-2301
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Apr. 22, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-3528
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication r... Read more
- Published: Aug. 19, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0432
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation mysql mariadb solaris linux_enterprise_server +4 more products- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0690
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691.... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2021-29671
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.... Read more
Affected Products : spectrum_scale- Published: Apr. 09, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.... Read more
- Published: Jul. 17, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-8575
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted appli... Read more
Affected Products : linux_kernel- Published: Feb. 08, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0459
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote authenticated users to affect integrity via unknown vectors related to Popup Windows.... Read more
Affected Products : e-business_suite- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.... Read more
- Published: Jul. 31, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2016-9338
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2011-2511
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.... Read more
Affected Products : libvirt- Published: Aug. 10, 2011
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148.... Read more
- Published: Sep. 04, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2016-0448
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0643
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.... Read more
- Published: Apr. 16, 2024
- Modified: Apr. 01, 2025
-
4.0
MEDIUMCVE-2008-3991
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990.... Read more
- Published: Oct. 14, 2008
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2021-21781
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak ke... Read more
- Published: Aug. 18, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-20391
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.... Read more
- Published: May. 14, 2021
- Modified: Nov. 21, 2024