CVE-2017-3630

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

CVE-2017-3347

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via...

CVE-2017-3537

Vulnerability in the Oracle Real-Time Scheduler component of Oracle Utilities Applications subcomponent: Mobile Communications Platform. Supported versions that are affected are 2.2.0.3.13, 2.3.0.0 and 2.3.0.1. Easily "exploitable" vulnerability allows unauthenticated attacker with network access...

CVE-2017-3489

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Security Management System. Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low...

CVE-2017-3482

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low privileged...

CVE-2017-3484

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Limits and Collateral. Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows low privileged attacker...

CVE-2017-3496

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows unauthenticated attacker with...

OpenSSH xauth Input Authentication Vulnerability

OpenSSH OpenBSD Secure Shell is a set of connection tools maintained by the OpenBSD Project Group for secure access to remote computers. OpenSSH has a security vulnerability. A remotely authenticated user can read or modify files on the target system and can execute the xauth command on the targe...

CVE-2016-8306

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2016-5623

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access...

CVE-2016-8303

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

IBM Security Privileged Identity Manager Virtual Appliance Security Bypass Vulnerability

IBM Security Privileged Identity Manager is an identity management product within the IBM Identity Governance and Management solution that protects, automates, and audits the use of privileged identities to help defend against insider threats and improve security. IBM Security Privileged Identity...

CVE-2016-1473

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216...

CVE-2016-2015

HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors...

VDG Security SENSE Authentication Bypass Vulnerability

VDG Security SENSE is a video management system VMS from VDG Security in the Netherlands. An authentication bypass vulnerability exists in versions of VDG Security SENSE prior to 2.3.15, which allows remote attackers to pass authentication via characters in the encode:authorize HTTP header and...

DEBIAN-CVE-2013-4956

Puppet Module Tool PMT, as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to rea...

DEBIAN-CVE-2010-3707

plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving...

CVE-2010-2022

jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations...