CVEs from 2016
Total
8,452
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1256 | medium | 5.3 | 5.3 | 11y ago | Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 befo… | |||
| CVE-2016-1494 | medium | 5.3 | 5.3 | 11y ago | The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack. | |||
| CVE-2016-0455 | medium | — | 5.2 | 11y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confident… | |||
| CVE-2016-8017 | medium | 4.1 | 5.1 | 9y ago | Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user… | |||
| CVE-2016-5894 | medium | 5.1 | 5.1 | 9y ago | IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix cons… | |||
| CVE-2016-5746 | medium | 5.1 | 5.1 | 10y ago | libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by re… | |||
| CVE-2016-6480 | medium | 5.1 | 5.1 | 10y ago | Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash)… | |||
| CVE-2016-6156 | medium | 5.1 | 5.1 | 10y ago | Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access… | |||
| CVE-2016-0252 | medium | 5.1 | 5.1 | 10y ago | IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the master key via unspecified vectors. | |||
| CVE-2016-2547 | medium | 5.1 | 5.1 | 10y ago | sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use… | |||
| CVE-2016-2546 | medium | 5.1 | 5.1 | 10y ago | sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a cra… | |||
| CVE-2016-2545 | medium | 5.1 | 5.1 | 10y ago | The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race c… | |||
| CVE-2016-2544 | medium | 5.1 | 5.1 | 10y ago | Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making … | |||
| CVE-2016-0641 | medium | 5.1 | 5.1 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users… | |||
| CVE-2016-0702 | medium | 5.1 | 5.1 | 10y ago | The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiati… | |||
| CVE-2016-8762 | medium | 5.0 | 5.0 | 9y ago | The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 a… | |||
| CVE-2016-9347 | medium | 5.0 | 5.0 | 9y ago | An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. DeltaV Wireless I/O Cards (WIOC) running the firmware available in the D… | |||
| CVE-2016-6040 | medium | 5.0 | 5.0 | 10y ago | IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. | |||
| CVE-2016-0318 | medium | 5.0 | 5.0 | 10y ago | Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by lev… | |||
| CVE-2016-7917 | medium | 5.0 | 5.0 | 10y ago | The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain … | |||
| CVE-2016-5594 | medium | 5.0 | 5.0 | 10y ago | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to a… | |||
| CVE-2016-5553 | medium | 5.0 | 5.0 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. | |||
| CVE-2016-3292 | medium | 5.0 | 5.0 | 10y ago | Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Exp… | |||
| CVE-2016-4451 | medium | 5.0 | 5.0 | 10y ago | The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restricti… | |||
| CVE-2016-3256 | medium | 5.0 | 5.0 | 10y ago | Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode… | |||
| CVE-2016-4528 | medium | 5.0 | 5.0 | 10y ago | Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. | |||
| CVE-2016-2391 | medium | 5.0 | 5.0 | 10y ago | The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process … | |||
| CVE-2016-3232 | medium | 5.0 | 5.0 | 10y ago | The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted appli… | |||
| CVE-2016-3230 | medium | 5.0 | 5.0 | 10y ago | The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denia… | |||
| CVE-2016-2810 | medium | 5.0 | 5.0 | 10y ago | Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstra… | |||
| CVE-2016-0869 | medium | 5.0 | 5.0 | 11y ago | Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document. | |||
| CVE-2016-0585 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via vectors related to ICX Error. | |||
| CVE-2016-0580 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via unknown vectors. | |||
| CVE-2016-0571 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Balanced Scorecard component in Oracle E-Business Suite 11.5.10.2 and 12.1 allows remote attackers to affect confidentiality via unknown vectors. | |||
| CVE-2016-0570 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vecto… | |||
| CVE-2016-0569 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknow… | |||
| CVE-2016-0568 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to S… | |||
| CVE-2016-0567 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknow… | |||
| CVE-2016-0566 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality … | |||
| CVE-2016-0565 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors. | |||
| CVE-2016-0541 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors re… | |||
| CVE-2016-0540 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors re… | |||
| CVE-2016-0539 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors. | |||
| CVE-2016-0538 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via un… | |||
| CVE-2016-0526 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via unk… | |||
| CVE-2016-0501 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.2 allows remote attackers to affect availability via vectors related to SGD Core. | |||
| CVE-2016-0486 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0485 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0484 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0482 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0481 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0480 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0478 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0477 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0476 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unkno… | |||
| CVE-2016-0466 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affec… | |||
| CVE-2016-0460 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.55 allows remote attackers to affect integrity via unknown vectors related to Fluid Homepa… | |||
| CVE-2016-0457 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to… | |||
| CVE-2016-0456 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to… | |||
| CVE-2016-0450 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors. | |||
| CVE-2016-0439 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a diff… | |||
| CVE-2016-0421 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Monitoring an… | |||
| CVE-2016-0416 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to System Archive Utility. | |||
| CVE-2016-0402 | medium | — | 5.0 | 11y ago | Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vect… | |||
| CVE-2016-4043 | medium | 4.9 | 4.9 | 4y ago | Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates. | |||
| CVE-2016-10310 | medium | 4.9 | 4.9 | 9y ago | Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and p… | |||
| CVE-2016-7542 | medium | 4.9 | 4.9 | 9y ago | A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) s… | |||
| CVE-2016-7135 | medium | 4.9 | 4.9 | 9y ago | Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile ac… | |||
| CVE-2016-8375 | medium | 4.9 | 4.9 | 9y ago | An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8015 Point of Care (PC) unit, Version 9.5 and prior versions, and Version 9.7, and 8000 PC unit. An unauthorized user with physica… | |||
| CVE-2016-8226 | medium | 4.9 | 4.9 | 10y ago | The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure. | |||
| CVE-2016-7787 | medium | 4.9 | 4.9 | 10y ago | A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | |||
| CVE-2016-5635 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit. | |||
| CVE-2016-5634 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. | |||
| CVE-2016-5633 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-… | |||
| CVE-2016-5632 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | |||
| CVE-2016-5631 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. | |||
| CVE-2016-5630 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||
| CVE-2016-5629 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. | |||
| CVE-2016-5628 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML. | |||
| CVE-2016-5507 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||
| CVE-2016-3495 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||
| CVE-2016-5976 | medium | 4.9 | 4.9 | 10y ago | The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.122… | |||
| CVE-2016-1497 | medium | 4.9 | 4.9 | 10y ago | The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allow… | |||
| CVE-2016-3320 | medium | 4.9 | 4.9 | 10y ago | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or… | |||
| CVE-2016-5442 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption. | |||
| CVE-2016-5441 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. | |||
| CVE-2016-5440 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote admi… | |||
| CVE-2016-5439 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges. | |||
| CVE-2016-5437 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log. | |||
| CVE-2016-5436 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||
| CVE-2016-3520 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via v… | |||
| CVE-2016-3459 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via… | |||
| CVE-2016-3424 | medium | 4.9 | 4.9 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | |||
| CVE-2016-5092 | medium | 4.9 | 4.9 | 10y ago | Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn featu… | |||
| CVE-2016-5021 | medium | 4.9 | 4.9 | 10y ago | The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0… | |||
| CVE-2016-0731 | medium | 4.9 | 4.9 | 10y ago | The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration. | |||
| CVE-2016-0225 | medium | 4.9 | 4.9 | 10y ago | IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors. | |||
| CVE-2016-2314 | medium | 4.9 | 4.9 | 10y ago | GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to crea… | |||
| CVE-2016-0465 | medium | — | 4.9 | 11y ago | Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect availability via unknown vectors related to Resource Group Manag… | |||
| CVE-2016-0428 | medium | — | 4.9 | 11y ago | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Verified Boot. |