Latest CVE Feed
-
4.0
MEDIUMCVE-2022-34314
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450. ... Read more
Affected Products : cics_tx- Published: Nov. 14, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-34312
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447. ... Read more
Affected Products : cics_tx- Published: Nov. 14, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations... Read more
Affected Products : ktor- Published: Apr. 11, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-25824
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.... Read more
Affected Products : bixby_touch- Published: Mar. 10, 2022
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2022-38383
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 233673.... Read more
- Published: Jun. 28, 2024
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-0391
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.... Read more
- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.... Read more
- Published: Apr. 16, 2024
- Modified: Apr. 01, 2025
-
4.0
MEDIUMCVE-2021-20391
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.... Read more
- Published: May. 14, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2021-20286
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.... Read more
- Published: Mar. 15, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-0547
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restricti... Read more
Affected Products : documentum_d2- Published: Jul. 04, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-9338
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2015-2535
Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vul... Read more
- Published: Sep. 09, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4870
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_tus mysql +5 more products- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.... Read more
- Published: Jul. 31, 2013
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2021-21781
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak ke... Read more
- Published: Aug. 18, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_edge_gateway +4 more products- Published: Sep. 17, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2010-3840
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a craft... Read more
- Published: Jan. 14, 2011
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2014-1517
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arrangin... Read more
- Published: Apr. 20, 2014
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2012-0102
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.... Read more
- Published: Jan. 18, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2009-4800
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.... Read more
Affected Products : multi_server- Published: Apr. 22, 2010
- Modified: Apr. 11, 2025