Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5311 | 1 Powerdns | 1 Authoritative | 2016-12-07 | 5.0 MEDIUM | N/A |
| PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets. | |||||
| CVE-2015-5365 | 1 Zurmo | 1 Zurmo Crm | 2016-12-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "What's going on?" profile field. | |||||
| CVE-2015-5397 | 1 Joomla | 1 Joomla\! | 2016-12-07 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors. | |||||
| CVE-2015-5445 | 1 Hp | 1 Storeonce Backup System Software | 2016-12-07 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2015-5446 | 1 Hp | 1 Storeonce Backup System Software | 2016-12-07 | 5.8 MEDIUM | 7.5 HIGH |
| HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-5447 | 1 Hp | 1 Storeonce Backup System Software | 2016-12-07 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-5451 | 1 Hp | 1 Operations Orchestration | 2016-12-07 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2015-5459 | 1 Zohocorp | 1 Manageengine Password Manager Pro | 2016-12-07 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the AdvanceSearch.class in AdventNetPassTrix.jar in ManageEngine Password Manager Pro (PMP) before 8.1 Build 8101 allows remote authenticated users to execute arbitrary SQL commands via the ANDOR parameter, as demonstrated by a request to STATE_ID/1425543888647/SQLAdvancedALSearchResult.cc. | |||||
| CVE-2015-5461 | 1 Stageshow Project | 1 Stageshow | 2016-12-07 | 6.4 MEDIUM | N/A |
| Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | |||||
| CVE-2015-5504 | 1 Novalnet | 1 Novalnet Payment Module Ubercart- | 2016-12-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Novalnet Payment Module Ubercart module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-1089 | 1 Gnu | 1 Glibc | 2016-12-07 | 3.3 LOW | N/A |
| The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. | |||||
| CVE-2015-4909 | 1 Oracle | 1 Fusion Middleware | 2016-12-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect integrity via vectors related to ADF Faces. | |||||
| CVE-2015-4912 | 1 Oracle | 1 Fusion Middleware | 2016-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine. | |||||
| CVE-2015-4919 | 1 Oracle | 1 Jd Edwards Products | 2016-12-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Monitoring and Diagnostics SEC. | |||||
| CVE-2015-4920 | 1 Oracle | 1 Solaris | 2016-12-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vectors related to NDMP Backup Service. | |||||
| CVE-2015-4921 | 1 Oracle | 1 Database Server | 2016-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2015-4922 | 1 Oracle | 1 Solaris | 2016-12-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Boot. | |||||
| CVE-2015-4923 | 1 Oracle | 1 Database Server | 2016-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2015-4924 | 1 Oracle | 1 Supply Chain Products Suite | 2016-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect integrity via vectors related to Security. | |||||
| CVE-2015-4925 | 1 Oracle | 1 Database Server | 2016-12-07 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||