Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-25 | CVE-2016-3562 | Information Exposure vulnerability in Oracle Database Server 11.2.0.4/12.1.0.2 Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA. | 2.4 |
| 2016-10-25 | CVE-2016-1000033 | Improper Certificate Validation vulnerability in multiple products Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks. | 3.7 |
| 2016-10-22 | CVE-2016-0240 | 7PK - Security Features vulnerability in IBM Security Guardium Database Activity Monitor IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP. | 3.7 |
| 2016-10-13 | CVE-2016-7437 | Unspecified vulnerability in SAP Netweaver 7.40 SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312. | 3.3 |
| 2016-10-13 | CVE-2016-7960 | Information Exposure vulnerability in Siemens Simatic Step 7 Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors. | 2.5 |
| 2016-10-03 | CVE-2016-5432 | Information Exposure Through Log Files vulnerability in Redhat Enterprise Virtualization 4.0 The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files. | 3.3 |
| 2016-09-26 | CVE-2016-0379 | Data Processing Errors vulnerability in IBM Websphere MQ IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager rights. | 3.1 |
| 2016-09-26 | CVE-2016-0248 | Information Exposure vulnerability in IBM Security Guardium 10.0/9.0 IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. | 3.7 |
| 2016-09-25 | CVE-2016-4751 | 7PK - Security Features vulnerability in Apple Safari The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site. | 3.5 |
| 2016-09-25 | CVE-2016-4739 | Information Exposure vulnerability in Apple mac OS X mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. | 3.7 |