Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-25 | CVE-2016-4053 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization. | 4.3 |
| 2016-04-25 | CVE-2016-4051 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data. | 6.8 |
| 2016-04-25 | CVE-2016-4085 | Improper Input Validation vulnerability in multiple products Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet. | 5.9 |
| 2016-04-25 | CVE-2016-4082 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet. | 5.9 |
| 2016-04-25 | CVE-2016-4079 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet. | 5.9 |
| 2016-04-21 | CVE-2016-3466 | Remote Security vulnerability in Oracle Field Service 12.1.1/12.1.2/12.1.3 Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless. | 6.4 |
| 2016-04-21 | CVE-2016-3465 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS. | 4.9 |
| 2016-04-21 | CVE-2016-3464 | Remote Security vulnerability in Oracle Flexcube Direct Banking 12.0.3 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts. | 4.0 |
| 2016-04-21 | CVE-2016-3463 | Remote Security vulnerability in Oracle Flexcube Direct Banking 12.0.3 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login. | 5.0 |
| 2016-04-21 | CVE-2016-3462 | Local Security vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service. | 4.9 |