Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6150 | 1 Freebsd | 1 Freebsd | 2017-07-29 | 2.1 LOW | N/A |
| The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values. | |||||
| CVE-2016-8286 | 1 Oracle | 1 Mysql | 2017-07-29 | 3.5 LOW | 3.1 LOW |
| Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. | |||||
| CVE-2016-5495 | 1 Oracle | 1 Discoverer | 2017-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema. | |||||
| CVE-2016-5505 | 1 Oracle | 1 Database Server | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-8295 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Time And Labor | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-5621 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603. | |||||
| CVE-2016-5596 | 1 Oracle | 1 Customer Relationship Management Technical Foundation | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2007-6221 | 1 Tumusika Evolution | 1 Tumusika Evolution | 2017-07-29 | 7.8 HIGH | N/A |
| TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2016-5328 | 2 Apple, Vmware | 2 Mac Os X, Tools | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
| CVE-2016-3562 | 1 Oracle | 1 Database Server | 2017-07-29 | 4.3 MEDIUM | 2.4 LOW |
| Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA. | |||||
| CVE-2007-5404 | 1 Layton Technology | 1 Helpbox | 2017-07-29 | 5.0 MEDIUM | N/A |
| Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames. | |||||
| CVE-2007-4688 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 5.0 MEDIUM | N/A |
| The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query. | |||||
| CVE-2007-4991 | 1 Microsoft | 1 Isa Server | 2017-07-29 | 5.0 MEDIUM | N/A |
| The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet. | |||||
| CVE-2007-5701 | 1 Ibm | 1 Lotus Domino | 2017-07-29 | 2.1 LOW | N/A |
| Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel. | |||||
| CVE-2007-4655 | 1 Cgi-rescue | 1 Shopping Basket Professional | 2017-07-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | |||||
| CVE-2007-5172 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2017-07-29 | 5.0 MEDIUM | N/A |
| Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message. | |||||
| CVE-2007-5473 | 2 Microsoft, Mono | 2 Windows, Mono | 2017-07-29 | 5.0 MEDIUM | N/A |
| StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP. | |||||
| CVE-2007-4514 | 1 Hp | 1 Procurve Manager | 2017-07-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors. | |||||
| CVE-2007-2479 | 1 Cerulean Studios | 1 Trillian | 2017-07-29 | 7.1 HIGH | 5.9 MEDIUM |
| Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker. | |||||
| CVE-2007-3008 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2017-07-29 | 4.3 MEDIUM | N/A |
| Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398. | |||||