Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-25 | CVE-2016-5487 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 5.3 |
| 2016-10-25 | CVE-2016-5486 | Information Management Errors vulnerability in Oracle SUN ZFS Storage Appliance KIT Ak2013 Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Services. | 5.5 |
| 2016-10-25 | CVE-2016-5479 | Information Exposure vulnerability in Oracle Flexcube Universal Banking 11.3.0/11.4.0/12.0.1 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA. | 4.3 |
| 2016-10-25 | CVE-2016-3495 | Unspecified vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | 4.9 |
| 2016-10-25 | CVE-2016-3492 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | 6.5 |
| 2016-10-25 | CVE-2016-1000214 | Information Exposure vulnerability in Ruckus Wireless H500 Ruckus Wireless H500 web management interface authentication bypass | 5.3 |
| 2016-10-22 | CVE-2016-0377 | Information Exposure vulnerability in IBM Websphere Application Server The Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.3 |
| 2016-10-22 | CVE-2016-0246 | Cross-site Scripting vulnerability in IBM Security Guardium Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
| 2016-10-22 | CVE-2016-0242 | Information Exposure vulnerability in IBM Security Guardium 10.0/10.01/10.1 IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message. | 4.3 |
| 2016-10-16 | CVE-2016-8660 | Data Processing Errors vulnerability in Linux Kernel The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation." | 5.5 |