Latest CVE Feed
-
4.0
MEDIUMCVE-2021-2175
Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any View, Select Any View pri... Read more
Affected Products : database_server- Published: Apr. 22, 2021
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2023-43035
IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system.... Read more
- Published: Apr. 10, 2025
- Modified: Jul. 18, 2025
- Vuln Type: Information Disclosure
-
4.0
MEDIUMCVE-2016-3024
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.... Read more
- Published: Feb. 01, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2016-0458
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Kernel DAX.... Read more
Affected Products : solaris- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2947
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 ... Read more
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_edge_gateway +4 more products- Published: Sep. 17, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-0427
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI ... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148.... Read more
- Published: Sep. 04, 2007
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2025-49128
Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows... Read more
Affected Products :- Published: Jun. 06, 2025
- Modified: Jun. 09, 2025
- Vuln Type: Information Disclosure
-
4.0
MEDIUMCVE-2024-37387
Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.... Read more
Affected Products :- Published: Jun. 19, 2024
- Modified: Nov. 21, 2024
-
4.0
MEDIUMCVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.... Read more
Affected Products : moodle- Published: Jul. 21, 2012
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2016-2868
IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.... Read more
Affected Products : qradar_security_information_and_event_manager- Published: Jul. 02, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2006-2449
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.... Read more
- Published: Jun. 15, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2016-0462
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via unknown vectors related to Multichannel Framework, a different vulnera... Read more
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2008-3997
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect availability, related to SYS.DBMS_XSOQ_ODBO.... Read more
- Published: Jan. 14, 2009
- Modified: Apr. 09, 2025
-
4.0
MEDIUMCVE-2006-3081
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.... Read more
- Published: Jun. 19, 2006
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2011-0840
Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.... Read more
- Published: Apr. 20, 2011
- Modified: Apr. 11, 2025
-
4.0
MEDIUMCVE-2016-0616
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.... Read more
Affected Products : ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_eus mysql mariadb +4 more products- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-4213
Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.... Read more
Affected Products : nx-os nexus_93120tx nexus_93128tx nexus_9332pq nexus_9336pq_aci_spine nexus_9372px nexus_9372tx nexus_9396px nexus_9396tx nexus_9504 +2 more products- Published: Jun. 24, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2020-15185
In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repos... Read more
Affected Products : helm- Published: Sep. 17, 2020
- Modified: Nov. 21, 2024