Skip to main content
CVE-2014-2475 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Virtualization
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-2474 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Virtualization
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-2473 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Virtualization
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-2472 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Virtualization
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-1586 MEDIUM This Month

content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Thunderbird
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-1585 MEDIUM This Month

The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Thunderbird Firefox
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-6512 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jrockit Jdk +1
NVD
CVSS 2.0
4.3
EPSS
4.2%
CVE-2014-1829 MEDIUM PATCH This Month

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Debian Linux Requests Ubuntu Linux +1
NVD GitHub
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-1830 MEDIUM PATCH This Month

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Opensuse Requests
NVD GitHub
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-1580 MEDIUM This Month

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-6498 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-4277 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-6472 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-6461 MEDIUM PATCH This Month

Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2014-6460 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52, 8.53, and 8.54 allows remote authenticated users to affect confidentiality and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-6557 MEDIUM PATCH This Month

Unspecified vulnerability in the Application Performance Management component in Oracle Enterprise Manager Grid Control before 12.1.0.6.2 allows remote authenticated users to affect confidentiality. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-6497 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.9
EPSS
0.0%
CVE-2014-4275 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server kernel module. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.9
EPSS
0.0%
CVE-2014-6531 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
2.6%
CVE-2014-0572 MEDIUM PATCH This Month

Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Adobe Privilege Escalation Coldfusion
NVD
CVSS 2.0
4.6
EPSS
0.2%
CVE-2014-4280 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-6494 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle MariaDB Solaris Junos Space +5
NVD
CVSS 2.0
4.3
EPSS
1.0%
CVE-2014-6507 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle MariaDB Solaris MySQL +4
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2014-1582 MEDIUM This Month

The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Authentication Bypass Firefox
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2014-6559 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Junos Space MariaDB Solaris +5
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2014-1584 MEDIUM This Month

The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Authentication Bypass Firefox
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2014-0571 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Adobe Coldfusion
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2014-4284 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than. Rated medium severity (CVSS 4.4).

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2014-6495 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle MySQL Solaris Junos Space +5
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-6478 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Junos Space MySQL Solaris +5
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2014-6496 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Junos Space Solaris MariaDB +5
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2014-6561 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6550 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to iHelp. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6471 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6516 MEDIUM PATCH This Month

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.98 allows local users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Jd Edwards Products
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-4283 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6539 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-4281 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6552 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6462 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-6522 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.4, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-4285 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Reports. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3681 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Jenkins Openshift
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-8293 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Voice Of Web Allmyguests
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-6464 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 2.0
4.0
EPSS
0.9%
CVE-2014-6564 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 2.0
4.0
EPSS
0.7%
CVE-2014-4274 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to. Rated medium severity (CVSS 4.1).

Information Disclosure Oracle Solaris MySQL MariaDB
NVD
CVSS 2.0
4.1
EPSS
0.2%
CVE-2014-6520 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2014-6505 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2014-6484 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 2.0
4.0
EPSS
0.5%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy