CVE Daily
← All years

Uncategorized 2016

Page 16/19.

CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0
2016-02-03
Critical

CVE-2016-1906

Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

CVSS: 9.8CWE: CWE-264
Read more
Critical

CVE-2016-1505

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.

CVSS: 10.0CWE: CWE-21
Read more
Medium

CVE-2015-8748

Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".

CVSS: 5.3CWE: CWE-264
Read more
High

CVE-2015-7538

Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.

CVSS: 8.8CWE: N/A
Read more
Critical

CVE-2015-5344

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

CVSS: 9.8CWE: CWE-19
Read more
2016-02-01
Medium

CVE-2016-1730

WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.

CVSS: 5.4CWE: CWE-19
Read more
High

CVE-2016-1729

Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application.

CVSS: 7.3CWE: N/A
Read more
2016-01-31
Medium

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modi…

CVSS: 5.3CWE: CWE-310
Read more
Medium

CVE-2016-1947

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of re…

CVSS: 4.7CWE: CWE-19
Read more
High

CVE-2016-1945

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer d…

CVSS: 8.8CWE: N/A
Read more
Medium

CVE-2016-1943

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.

CVSS: 4.7CWE: CWE-17
Read more
Medium

CVE-2016-1940

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.

CVSS: 5.3CWE: CWE-17
Read more
Medium

CVE-2016-1938

The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier fo…

CVSS: 6.5CWE: CWE-310
Read more
Medium

CVE-2016-1933

Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted G…

CVSS: 6.5CWE: CWE-189
Read more
2016-01-30
Medium

CVE-2016-1140

KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors.

CVSS: 6.1CWE: CWE-254
Read more
Medium

CVE-2016-1138

CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.

CVSS: 4.7CWE: N/A
Read more
High

CVE-2016-1137

Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVSS: 7.4CWE: N/A
Read more
Critical

CVE-2015-7923

Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanism…

CVSS: 9.0CWE: CWE-310
Read more
2016-01-29
High

CVE-2016-0738

OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (pro…

CVSS: 7.5CWE: CWE-399
Read more
High

CVE-2016-0737

OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series o…

CVSS: 7.5CWE: CWE-399
Read more
Critical

CVE-2015-8772

McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large…

CVSS: 9.1CWE: CWE-19
Read more
High

CVE-2016-1882

FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and…

CVSS: 7.5CWE: CWE-19
Read more
High

CVE-2016-1879

The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denia…

CVSS: 7.5CWE: N/A
Read more
Critical

CVE-2015-8789

Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" fo…

CVSS: 9.6CWE: N/A
Read more
High

CVE-2015-7464

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder…

CVSS: 7.5CWE: N/A
Read more
2016-01-27
Medium

CVE-2016-1299

The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw871…

CVSS: 5.3CWE: CWE-399
Read more
High

CVE-2015-6421

cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to…

CVSS: 7.5CWE: CWE-399
Read more
Medium

CVE-2016-2047

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11…

CVSS: 5.9CWE: CWE-254
Read more
Critical

CVE-2016-1896

Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypa…

CVSS: 9.8CWE: CWE-254
Read more
2016-01-26
High

CVE-2016-1567

chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arb…

CVSS: 8.1CWE: CWE-254
Read more
High

CVE-2016-1491

The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by lev…

CVSS: 8.8CWE: CWE-255
Read more
High

CVE-2016-1233

An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character…

CVSS: 7.8CWE: CWE-264
Read more
2016-01-25
High

CVE-2016-2052

Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted dat…

CVSS: 7.6CWE: N/A
Read more
Critical

CVE-2016-2051

Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unkno…

CVSS: 9.8CWE: N/A
Read more
High

CVE-2016-1620

Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS: 8.8CWE: N/A
Read more
Medium

CVE-2016-1616

The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocuse…

CVSS: 4.3CWE: CWE-254
Read more
Medium

CVE-2016-1615

The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.

CVSS: 6.5CWE: CWE-254
Read more
High

CVE-2016-1613

Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have…

CVSS: 7.6CWE: N/A
Read more
2016-01-22
Medium

CVE-2016-1571

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of…

CVSS: 6.3CWE: CWE-17
Read more
Medium

CVE-2015-7744

wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimization…

CVSS: 5.9CWE: N/A
Read more
High

CVE-2015-6925

wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.

CVSS: 7.5CWE: CWE-399
Read more
Critical

CVE-2015-6015

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Ou…

CVSS: 10.0CWE: N/A
Read more
Critical

CVE-2015-6014

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Ou…

CVSS: 10.0CWE: N/A
Read more
Critical

CVE-2015-6013

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Ou…

CVSS: 10.0CWE: N/A
Read more
Critical

CVE-2016-1984

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access v…

CVSS: 9.8CWE: CWE-255
Read more
Critical

CVE-2015-8362

The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access…

CVSS: 9.8CWE: CWE-255
Read more
Critical

CVE-2015-6412

Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug…

CVSS: 9.8CWE: CWE-255
Read more
2016-01-21
Low

CVE-2016-0618

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.

CVSS: 1.4CWE: N/A
Read more
Medium

CVE-2016-0616

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via u…

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0614

Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unkno…

CVSS: 4.0CWE: N/A
Read more
Low

CVE-2016-0610

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related t…

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0609

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 1.7CWE: N/A
Read more
Low

CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0607

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

CVSS: 2.8CWE: N/A
Read more
Low

CVE-2016-0606

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0605

Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors.

CVSS: 2.1CWE: N/A
Read more
Medium

CVE-2016-0602

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown…

CVSS: 6.2CWE: N/A
Read more
Low

CVE-2016-0601

Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Partition.

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0600

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0599

Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

CVSS: 3.5CWE: N/A
Read more
Low

CVE-2016-0598

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 3.5CWE: N/A
Read more
Medium

CVE-2016-0597

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated use…

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0596

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to af…

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0595

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0594

Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML.

CVSS: 4.3CWE: N/A
Read more
Low

CVE-2016-0592

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors relat…

CVSS: 2.1CWE: N/A
Read more
Medium

CVE-2016-0591

Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via…

CVSS: 5.5CWE: N/A
Read more
Medium

CVE-2016-0590

Unspecified vulnerability in the PeopleSoft Enterprise SCM Order Management component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors.

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0589

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0588

Unspecified vulnerability in the Oracle General Ledger component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Consolidation Hierarch…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0587

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0586

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to iHelp.

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0585

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via vectors related to ICX Error.

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0584

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Componen…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0583

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Componen…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0582

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Componen…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0581

Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0580

Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via unknown vectors.

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0579

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Componen…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0578

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to…

CVSS: 6.4CWE: N/A
Read more
High

CVE-2016-0577

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and avai…

CVSS: 7.5CWE: N/A
Read more
Medium

CVE-2016-0576

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related t…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0575

Unspecified vulnerability in the Oracle Learning Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to OTA Self Service.

CVSS: 4.3CWE: N/A
Read more
High

CVE-2016-0574

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and avai…

CVSS: 7.5CWE: N/A
Read more
High

CVE-2016-0573

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and avai…

CVSS: 7.5CWE: N/A
Read more
High

CVE-2016-0572

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and avai…

CVSS: 7.5CWE: N/A
Read more
Medium

CVE-2016-0571

Unspecified vulnerability in the Oracle Balanced Scorecard component in Oracle E-Business Suite 11.5.10.2 and 12.1 allows remote attackers to affect confidentiality via unknown vectors.

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0570

Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vecto…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0569

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknow…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0568

Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to S…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0567

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknow…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0566

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0565

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0564

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality…

CVSS: 5.5CWE: N/A
Read more
Medium

CVE-2016-0563

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0562

Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vector…

CVSS: 4.0CWE: N/A
Read more
Medium

CVE-2016-0561

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality…

CVSS: 5.5CWE: N/A
Read more
Medium

CVE-2016-0560

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0559

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0558

Unspecified vulnerability in the Oracle Service Contracts component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors re…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0557

Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and…

CVSS: 5.5CWE: N/A
Read more
Medium

CVE-2016-0556

Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and…

CVSS: 5.5CWE: N/A
Read more
Medium

CVE-2016-0555

Unspecified vulnerability in the Oracle CADView-3D component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related t…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0554

Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality an…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0553

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integr…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0552

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0551

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0550

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality a…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0549

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0548

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0547

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela…

CVSS: 6.4CWE: N/A
Read more
High

CVE-2016-0546

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect co…

CVSS: 7.2CWE: N/A
Read more
Medium

CVE-2016-0545

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0544

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Archite…

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0543

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Preview.

CVSS: 6.4CWE: N/A
Read more
Medium

CVE-2016-0542

Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via unknown v…

CVSS: 4.3CWE: N/A
Read more
Medium

CVE-2016-0541

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors re…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0540

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors re…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0539

Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors.

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2016-0538

Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via un…

CVSS: 5.0CWE: N/A
Read more
>