Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1904 | 1 Roundcube | 1 Webmail | 2014-02-10 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013. | |||||
| CVE-2012-5524 | 1 Gajim | 1 Gajim | 2014-02-10 | 4.3 MEDIUM | N/A |
| The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA. | |||||
| CVE-2011-4099 | 1 Libcap | 1 Libcap | 2014-02-10 | 4.6 MEDIUM | N/A |
| The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. | |||||
| CVE-2010-4226 | 2 Gnu, Opensuse | 2 Cpio, Opensuse | 2014-02-07 | 5.0 MEDIUM | N/A |
| cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | |||||
| CVE-2014-1870 | 2 Apple, Opera | 2 Mac Os X, Opera Browser | 2014-02-07 | 4.3 MEDIUM | N/A |
| Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation. | |||||
| CVE-2013-2038 | 2 Canonical, Gpsd Project | 2 Ubuntu Linux, Gpsd | 2014-02-07 | 4.3 MEDIUM | N/A |
| The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability. | |||||
| CVE-2014-0366 | 1 Oracle | 1 E-business Suite | 2014-02-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Attachments. | |||||
| CVE-2014-0367 | 1 Oracle | 1 Hyperion | 2014-02-06 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Hyperion Essbase Administration Services component in Oracle Hyperion 11.1.2.1, 11.1.2.2, and 11.1.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console. | |||||
| CVE-2014-0370 | 1 Oracle | 1 Siebel Crm | 2014-02-06 | 2.8 LOW | N/A |
| Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Clinical Trip Report. | |||||
| CVE-2014-0371 | 1 Oracle | 2 Supply Chain Products Suite, Supply Chain Products Suite Sql-server | 2014-02-06 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authenticated users to affect integrity via unknown vectors related to DM Others. | |||||
| CVE-2014-0374 | 1 Oracle | 1 Fusion Middleware | 2014-02-06 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Page Parameters and Events. | |||||
| CVE-2014-0380 | 1 Oracle | 1 Peoplesoft Products | 2014-02-06 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to MultiChannel Framework (MCF). | |||||
| CVE-2014-0381 | 1 Oracle | 1 Peoplesoft Products | 2014-02-06 | 2.6 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2014-0445. | |||||
| CVE-2014-0383 | 1 Oracle | 1 Fusion Middleware | 2014-02-06 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Identity Console. | |||||
| CVE-2014-0388 | 1 Oracle | 1 Peoplesoft Products | 2014-02-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS Human Resources component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Org and Workforce Dev. | |||||
| CVE-2014-0398 | 1 Oracle | 1 E-business Suite | 2014-02-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Discoverer. | |||||
| CVE-2014-0399 | 1 Oracle | 1 Supply Chain Products Suite | 2014-02-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, and 6.3.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Data, Domain & Function Security. | |||||
| CVE-2014-0400 | 1 Oracle | 1 Fusion Middleware | 2014-02-06 | 6.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server. | |||||
| CVE-2014-0425 | 1 Oracle | 1 Peoplesoft Products | 2014-02-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2014-0434 | 1 Oracle | 1 Supply Chain Products Suite | 2014-02-06 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Installation. | |||||