Total
31854 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0464 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0463. | |||||
| CVE-2014-0867 | 1 Ibm | 2 Algo Credit Limits, Algorithmics | 2025-04-12 | 5.8 MEDIUM | N/A |
| rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string. | |||||
| CVE-2014-2544 | 1 Tibco | 7 Analyst, Automation Services, Deployment Kit and 4 more | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2015-0883 | 1 Synck Graphica | 1 Mailform Pro Cgi | 2025-04-12 | 6.8 MEDIUM | N/A |
| SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-2586 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2016-4086 | 1 Huawei | 1 Hisuite | 2025-04-12 | 2.9 LOW | 5.3 MEDIUM |
| Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors. | |||||
| CVE-2016-3541 | 1 Oracle | 1 Common Applications Calendar | 2025-04-12 | 9.4 HIGH | 9.1 CRITICAL |
| Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Notes. | |||||
| CVE-2015-2708 | 3 Mozilla, Novell, Opensuse | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2025-04-12 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2016-4148 | 8 Adobe, Apple, Google and 5 more | 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | |||||
| CVE-2014-3166 | 5 Apple, Debian, Google and 2 more | 7 Iphone Os, Mac Os X, Debian Linux and 4 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. | |||||
| CVE-2015-4916 | 1 Oracle | 3 Javafx, Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908. | |||||
| CVE-2014-2458 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Lifecycle component in Oracle Supply Chain Products Suite 6.1.0.3 and 6.1.1.3 allows remote attackers to affect integrity via unknown vectors related to Install. | |||||
| CVE-2014-0930 | 1 Ibm | 2 Aix, Vios | 2025-04-12 | 4.7 MEDIUM | N/A |
| The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. | |||||
| CVE-2014-6507 | 3 Mariadb, Oracle, Suse | 7 Mariadb, Mysql, Solaris and 4 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. | |||||
| CVE-2014-6476 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527. | |||||
| CVE-2016-3545 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Web based help screens. | |||||
| CVE-2014-3901 | 1 Raritan | 2 Dominion Kx Ii-101, Dominion Kx Ii-101 Firmware | 2025-04-12 | 7.8 HIGH | N/A |
| Raritan Japan Dominion KX2-101 switches before 2 allow remote attackers to cause a denial of service (device hang) via a crafted packet. | |||||
| CVE-2016-1188 | 1 Cybozu | 1 Garoon | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors. | |||||
| CVE-2015-7069 | 1 Apple | 1 Iphone Os | 2025-04-12 | 9.3 HIGH | N/A |
| Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7070. | |||||
| CVE-2016-5440 | 6 Canonical, Debian, Ibm and 3 more | 12 Ubuntu Linux, Debian Linux, Powerkvm and 9 more | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. | |||||