Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4353 | 1 Osscube | 1 Custom Sitemap | 2016-06-09 | 5.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Custom Sitemap module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete sitemaps via unspecified vectors. | |||||
| CVE-2015-4368 | 1 Commerce Ogone Project | 1 Commerce Ogone | 2016-06-09 | 5.0 MEDIUM | N/A |
| The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors. | |||||
| CVE-2016-0436 | 1 Oracle | 1 Retail Applications | 2016-06-09 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0437, and CVE-2016-0438. | |||||
| CVE-2016-0437 | 1 Oracle | 1 Retail Applications | 2016-06-09 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and CVE-2016-0438. | |||||
| CVE-2016-0409 | 1 Oracle | 1 Peoplesoft Products | 2016-06-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM Global Payroll Switzerland component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Security. | |||||
| CVE-2016-0412 | 1 Oracle | 1 Peoplesoft Supply Chain Management Eprocurement | 2016-06-09 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status. | |||||
| CVE-2016-0435 | 1 Oracle | 1 Retail Applications | 2016-06-09 | 3.3 LOW | N/A |
| Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality and integrity via vectors related to Mobile POS. | |||||
| CVE-2016-0434 | 1 Oracle | 1 Retail Applications | 2016-06-09 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0436, CVE-2016-0437, and CVE-2016-0438. | |||||
| CVE-2016-0591 | 1 Oracle | 1 Peoplesoft Supply Chain Management Purchasing | 2016-06-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Supplier Change. | |||||
| CVE-2015-7827 | 3 Botan Project, Debian, Fedoraproject | 3 Botan, Debian Linux, Fedora | 2016-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding. | |||||
| CVE-2015-4426 | 1 Pimcore | 1 Pimcore | 2016-06-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute arbitrary SQL commands via the filter parameter to admin/asset/grid-proxy. | |||||
| CVE-2016-1232 | 3 Debian, Fedoraproject, Prosody | 3 Debian Linux, Fedora, Prosody | 2016-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack. | |||||
| CVE-2016-4545 | 1 F5 | 9 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 6 more | 2016-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake. | |||||
| CVE-2016-2160 | 1 Redhat | 2 Openshift, Openshift Origin | 2016-06-09 | 9.0 HIGH | 8.8 HIGH |
| Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image. | |||||
| CVE-2015-1797 | 2016-06-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2016-0506 | 1 Oracle | 1 Retail Order Management System Cloud Service | 2016-06-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Retail Order Management System Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, 5.0, and 15.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry. | |||||
| CVE-2016-0590 | 1 Oracle | 1 Peoplesoft Supply Chain Management Order Management | 2016-06-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM Order Management component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2016-0496 | 1 Oracle | 1 Micros Cwdirect | 2016-06-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the MICROS CWDirect component in Oracle Retail Applications 12.5, 13.0, 14.0, 15.0, 16.0, 17.0, and 18.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry. | |||||
| CVE-2016-0522 | 1 Oracle | 1 Retail Open Commerce Platform Cloud Service | 2016-06-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Framework. | |||||
| CVE-2016-0508 | 1 Oracle | 1 Ilearning | 2016-06-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. | |||||