Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4758 | 2 Apple, Microsoft | 4 Iphone Os, Itunes, Safari and 1 more | 2017-07-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site. | |||||
| CVE-2016-4755 | 1 Apple | 1 Mac Os X | 2017-07-29 | 2.1 LOW | 5.5 MEDIUM |
| Terminal in Apple OS X before 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-4739 | 1 Apple | 1 Mac Os X | 2017-07-29 | 4.3 MEDIUM | 3.7 LOW |
| mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. | |||||
| CVE-2016-4715 | 1 Apple | 1 Mac Os X | 2017-07-29 | 4.3 MEDIUM | 3.3 LOW |
| The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app. | |||||
| CVE-2016-5986 | 1 Ibm | 1 Websphere Application Server | 2017-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-5282 | 1 Mozilla | 1 Firefox | 2017-07-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource. | |||||
| CVE-2016-4771 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname. | |||||
| CVE-2016-0903 | 1 Emc | 1 Avamar Server | 2017-07-29 | 6.4 MEDIUM | 9.1 CRITICAL |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent. | |||||
| CVE-2016-5602 | 1 Oracle | 1 Data Integrator | 2017-07-28 | 3.5 LOW | 5.7 MEDIUM |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine. | |||||
| CVE-2016-5596 | 1 Oracle | 1 Customer Relationship Management Technical Foundation | 2017-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-5479 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA. | |||||
| CVE-2016-5329 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2017-07-28 | 2.1 LOW | 5.5 MEDIUM |
| VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
| CVE-2016-5621 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603. | |||||
| CVE-2016-5603 | 1 Oracle | 1 Flexcube Universal Banking | 2017-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5621. | |||||
| CVE-2016-5495 | 1 Oracle | 1 Discoverer | 2017-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema. | |||||
| CVE-2016-5500 | 1 Oracle | 1 Discoverer | 2017-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to Viewer. | |||||
| CVE-2016-5618 | 1 Oracle | 1 Data Integrator | 2017-07-28 | 3.5 LOW | 3.1 LOW |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine. | |||||
| CVE-2016-5498 | 1 Oracle | 1 Database Server | 2017-07-28 | 2.1 LOW | 3.3 LOW |
| Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499. | |||||
| CVE-2016-5575 | 1 Oracle | 1 Common Applications | 2017-07-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Resources Module. | |||||
| CVE-2016-5505 | 1 Oracle | 1 Database Server | 2017-07-28 | 2.1 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. | |||||