Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2016-07-21 | CVE-2016-3440 | Remote Security vulnerability in Oracle MySQL | Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | network, low complexity, oracle | 4.0 |
| 2016-07-21 | CVE-2016-3433 | Remote Security vulnerability in Oracle Business Intelligence Enterprise Edition | Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web Administration. | network, oracle | 4.9 |
| 2016-07-21 | CVE-2016-3432 | Remote Security vulnerability in Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0 | Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Server. | network, oracle | 4.9 |
| 2016-07-21 | CVE-2016-3424 | Remote Security vulnerability in Oracle MySQL | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | network, low complexity, oracle | 4.0 |
| 2016-07-19 | CVE-2016-5655 | Multiple Security vulnerability in Misys FusionCapital Opics Plus VU#682704 | Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. | network, misys | 4.3 |
| 2016-07-19 | CVE-2016-5653 | SQL Injection vulnerability in Misys Fusioncapital Opics Plus | Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter. | network, low complexity, misys, CWE-89 | 4.0 |
| 2016-07-19 | CVE-2016-2775 | Improper Input Validation vulnerability in multiple products | ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | network, high complexity, hp, isc, fedoraproject, redhat, CWE-20 | 5.9 |
| 2016-07-17 | CVE-2016-1459 | Resource Management Errors vulnerability in Cisco IOS and IOS XE | Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061. | network, high complexity, cisco, CWE-399 | 4.9 |
| 2016-07-17 | CVE-2016-1448 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706. | network, cisco, CWE-352 | 6.8 |
| 2016-07-17 | CVE-2016-0393 | Information Exposure vulnerability in IBM Maximo Asset Management | IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files. | network, low complexity, ibm, CWE-200 | 5.0 |