244601
|
4.0 |
MEDIUM
|
oracle
|
application_object_library e-business_suite
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability th…
|
NVD-CWE-noinfo
|
CVE-2008-2586
|
2016-11-22 11:59 |
2008-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244602
|
6.5 |
MEDIUM
|
oracle
|
application_object_library e-business_suite
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability th…
|
NVD-CWE-noinfo
|
CVE-2008-2606
|
2016-11-22 11:59 |
2008-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244603
|
5.0 |
MEDIUM
|
oracle
|
siebel_crm
|
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a …
|
NVD-CWE-noinfo
|
CVE-2014-0369
|
2016-11-19 12:02 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244604
|
4.0 |
MEDIUM
|
oracle
|
database_server
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a…
|
NVD-CWE-noinfo
|
CVE-2013-5858
|
2016-11-19 12:02 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244605
|
3.5 |
LOW
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote authenticated users to affect integrity via unknown vectors relat…
|
NVD-CWE-noinfo
|
CVE-2012-0090
|
2016-11-19 12:02 |
2012-10-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244606
|
3.5 |
LOW
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote authenticated users to affect integrity via unknown vectors relat…
|
NVD-CWE-noinfo
|
CVE-2012-0092
|
2016-11-19 12:02 |
2012-10-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244607
|
4.3 |
MEDIUM
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855.
|
NVD-CWE-noinfo
|
CVE-2010-0086
|
2016-11-19 12:02 |
2010-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244608
|
4.3 |
MEDIUM
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0086.
|
NVD-CWE-noinfo
|
CVE-2010-0855
|
2016-11-19 12:02 |
2010-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244609
|
6.4 |
MEDIUM
|
viewcvs
|
viewcvs
|
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
|
NVD-CWE-Other
|
CVE-2002-0771
|
2016-11-19 11:59 |
2002-08-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244610
|
6.8 |
MEDIUM
|
apple
|
safari iphone_os itunes
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1038
|
2016-11-19 05:01 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244611
|
5.0 |
MEDIUM
|
phpmyadmin
|
phpmyadmin
|
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[…
|
CWE-20
不適切な入力確認
|
CVE-2006-6943
|
2016-11-19 04:34 |
2007-01-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244612
|
6.8 |
MEDIUM
|
apple
|
safari iphone_os itunes
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1037
|
2016-11-19 04:30 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244613
|
6.8 |
MEDIUM
|
apple
|
itunes iphone_os safari
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1039
|
2016-11-19 04:08 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244614
|
6.8 |
MEDIUM
|
apple
|
iphone_os itunes safari
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1041
|
2016-11-19 04:08 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244615
|
6.8 |
MEDIUM
|
apple
|
itunes safari iphone_os
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1040
|
2016-11-19 04:07 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244616
|
7.5 |
HIGH
|
canonical google
|
ubuntu_linux chrome v8
|
Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown…
|
NVD-CWE-noinfo
|
CVE-2015-2238
|
2016-11-19 04:05 |
2015-03-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244617
|
7.5 |
HIGH
|
mystats
|
mystats
|
SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter.
|
CWE-89
SQLインジェクション
|
CVE-2006-6402
|
2016-11-19 02:24 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244618
|
6.8 |
MEDIUM
|
mystats
|
mystats
|
Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) de…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2006-6401
|
2016-11-19 02:23 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244619
|
4.3 |
MEDIUM
|
dotnetindex
|
active_news_manager
|
Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2006-6096
|
2016-11-19 02:21 |
2006-11-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244620
|
10.0 |
HIGH
|
grisoft
|
avg_antivirus
|
Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files.
|
CWE-189
数値処理の問題
|
CVE-2006-5940
|
2016-11-19 02:15 |
2006-11-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244621
|
7.5 |
HIGH
|
grisoft
|
avg_antivirus
|
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow.…
|
CWE-190
整数オーバーフローまたはラップアラウンド
|
CVE-2006-5937
|
2016-11-19 02:13 |
2006-11-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244622
|
4.4 |
MEDIUM
|
oracle ibm
|
application_server websphere_portal
|
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
|
NVD-CWE-noinfo
|
CVE-2009-1009
|
2016-11-19 00:22 |
2009-04-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244623
|
5.5 |
MEDIUM
|
oracle
|
e-business_suite
|
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality …
|
NVD-CWE-noinfo
|
CVE-2013-5890
|
2016-11-18 05:53 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244624
|
4.9 |
MEDIUM
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown v…
|
NVD-CWE-noinfo
|
CVE-2013-5909
|
2016-11-18 05:52 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244625
|
5.5 |
MEDIUM
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect …
|
NVD-CWE-noinfo
|
CVE-2013-5897
|
2016-11-18 05:48 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244626
|
4.3 |
MEDIUM
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to I…
|
NVD-CWE-noinfo
|
CVE-2013-5901
|
2016-11-18 05:48 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244627
|
4.3 |
MEDIUM
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vecto…
|
NVD-CWE-noinfo
|
CVE-2013-5900
|
2016-11-18 05:47 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244628
|
6.8 |
MEDIUM
|
apple
|
iphone_os itunes safari
|
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vul…
|
CWE-119
バッファエラー
|
CVE-2013-1047
|
2016-11-18 05:44 |
2013-09-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244629
|
4.3 |
MEDIUM
|
oracle
|
ilearning
|
Unspecified vulnerability in Oracle iLearning 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.
|
NVD-CWE-noinfo
|
CVE-2014-0389
|
2016-11-18 04:50 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244630
|
4.0 |
MEDIUM
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related…
|
NVD-CWE-noinfo
|
CVE-2014-0392
|
2016-11-18 02:08 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244631
|
5.0 |
MEDIUM
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related …
|
NVD-CWE-noinfo
|
CVE-2014-0394
|
2016-11-18 02:08 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244632
|
5.0 |
MEDIUM
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown…
|
NVD-CWE-noinfo
|
CVE-2014-0391
|
2016-11-18 02:07 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244633
|
5.0 |
MEDIUM
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related …
|
NVD-CWE-noinfo
|
CVE-2014-0395
|
2016-11-18 02:04 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244634
|
5.0 |
MEDIUM
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related …
|
NVD-CWE-noinfo
|
CVE-2014-0396
|
2016-11-18 02:04 |
2014-01-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244635
|
5.8 |
MEDIUM
|
oracle mozilla suse
|
solaris firefox linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit
|
Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-1501
|
2016-11-17 22:55 |
2014-03-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244636
|
5.0 |
MEDIUM
|
fedoraproject mozilla oracle
|
fedora firefox solaris
|
Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scr…
|
NVD-CWE-noinfo
|
CVE-2014-1527
|
2016-11-17 21:33 |
2014-04-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244637
|
4.6 |
MEDIUM
|
fedoraproject sddm_project
|
fedora sddm
|
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated …
|
CWE-264
認可・権限・アクセス制御
|
CVE-2015-0856
|
2016-11-17 21:31 |
2015-11-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244638
|
9.3 |
HIGH
|
oracle mozilla
|
solaris firefox
|
Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CV…
|
CWE-189
数値処理の問題
|
CVE-2015-4496
|
2016-11-16 05:10 |
2015-08-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244639
|
6.4 |
MEDIUM
|
mozilla oracle
|
firefox solaris
|
Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a deni…
|
CWE-22
パス・トラバーサル
|
CVE-2014-1506
|
2016-11-16 03:05 |
2014-03-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244640
|
9.3 |
HIGH
|
oracle mozilla
|
solaris firefoxos
|
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via…
|
CWE-22
パス・トラバーサル
|
CVE-2014-1507
|
2016-11-16 02:53 |
2014-03-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244641
|
5.0 |
MEDIUM
|
powerdns
|
authoritative_server
|
common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.
|
CWE-399
リソース管理の問題
|
CVE-2012-0206
|
2016-11-10 05:25 |
2012-02-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244642
|
9.3 |
HIGH
|
foxitsoftware
|
foxit_reader
|
Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory.
|
CWE-426
信頼性のない検索パス
|
CVE-2011-3691
|
2016-11-9 03:30 |
2011-09-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244643
|
9.3 |
HIGH
|
foxitsoftware
|
foxit_reader
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
CWE-426
信頼性のない検索パス
|
CVE-2011-3691
|
2016-11-9 03:30 |
2011-09-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244644
|
6.8 |
MEDIUM
|
foxitsoftware
|
foxit_reader phantompdf
|
Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary …
|
NVD-CWE-Other
|
CVE-2015-8580
|
2016-11-9 03:15 |
2015-12-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244645
|
6.8 |
MEDIUM
|
foxitsoftware
|
foxit_reader phantompdf
|
<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>
|
NVD-CWE-Other
|
CVE-2015-8580
|
2016-11-9 03:15 |
2015-12-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244646
|
7.8 |
HIGH
ローカル
|
foxitsoftware
|
foxit_reader phantompdf
|
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and applicatio…
|
CWE-119
バッファエラー
|
CVE-2016-4065
|
2016-11-9 02:55 |
2016-04-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244647
|
9.3 |
HIGH
|
foxitsoftware
|
foxit_reader foxit_phantom
|
Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-ba…
|
CWE-189
数値処理の問題
|
CVE-2011-0332
|
2016-11-9 02:47 |
2011-02-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244648
|
4.3 |
MEDIUM
|
redhat
|
enterprise_linux
|
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows…
|
CWE-20
不適切な入力確認
|
CVE-2010-2598
|
2016-11-8 23:56 |
2010-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244649
|
6.8 |
MEDIUM
|
simon_mcvittie
|
telepathy_gabble
|
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows …
|
CWE-20
不適切な入力確認
|
CVE-2013-1431
|
2016-11-8 23:38 |
2013-09-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244650
|
7.2 |
HIGH
|
sophos
|
web_appliance
|
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second…
|
CWE-78 CWE-264
OSコマンド・インジェクション 認可・権限・アクセス制御
|
CVE-2013-4984
|
2016-11-8 23:00 |
2013-09-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|