2016 VULNERABILITY DATABASE

 

 

 

CVE-2016-2299

Summary: SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: 4/21/2016 8:59:00 PM

 

CVE-2016-3977

Summary: Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

Published: 4/21/2016 10:59:02 AM

 

CVE-2016-3190

Summary: The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.

Published: 4/21/2016 10:59:01 AM

 

CVE-2013-7449

Summary: The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Published: 4/21/2016 10:59:00 AM

 

CVE-2016-3466

Summary: Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless.

Published: 4/21/2016 7:00:44 AM

 

CVE-2016-3465

Summary: Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to ZFS.

Published: 4/21/2016 7:00:43 AM

 

CVE-2016-3464

Summary: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts.

Published: 4/21/2016 7:00:42 AM

 

CVE-2016-3463

Summary: Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.

Published: 4/21/2016 7:00:41 AM

 

CVE-2016-3462

Summary: Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.

Published: 4/21/2016 7:00:40 AM

 

CVE-2016-3461

Summary: Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server.

Published: 4/21/2016 7:00:39 AM

 

CVE-2016-3460

Summary: Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to ePerformance.

Published: 4/21/2016 7:00:39 AM

 

CVE-2016-3457

Summary: Unspecified vulnerability in the PeopleSoft Enterprise HCM ePerformance component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security.

Published: 4/21/2016 7:00:38 AM

 

CVE-2016-3456

Summary: Unspecified vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul component in Oracle Supply Chain Products Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Dialog Box.

Published: 4/21/2016 7:00:37 AM

 

CVE-2016-3455

Summary: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters.

Published: 4/21/2016 7:00:36 AM

 

CVE-2016-3454

Summary: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: 4/21/2016 7:00:35 AM

 

CVE-2016-3449

Summary: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.

Published: 4/21/2016 7:00:34 AM

 

CVE-2016-3447

Summary: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to OAF Core.

Published: 4/21/2016 7:00:33 AM

 

CVE-2016-3443

Summary: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

Published: 4/21/2016 7:00:32 AM

 

CVE-2016-3442

Summary: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Portal.

Published: 4/21/2016 7:00:31 AM

 

CVE-2016-3441

Summary: Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem.

Published: 4/21/2016 7:00:30 AM

 

CVE-2016-3439

Summary: Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Call Phone Number Page.

Published: 4/21/2016 7:00:29 AM

 

 

<<< New  Older >>>