CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2016

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2016-5986 200 +Info 2016-10-01 2017-07-30
5.0
None Remote Low Not required Partial None None
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors.
352 CVE-2016-5983 284 Exec Code 2016-10-05 2016-11-28
6.5
None Remote Low ??? Partial Partial Partial
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.
353 CVE-2016-5920 79 XSS 2016-10-29 2016-11-28
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
354 CVE-2016-5901 79 XSS 2016-10-05 2016-11-28
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
355 CVE-2016-5892 79 XSS 2016-10-05 2016-11-28
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
356 CVE-2016-5764 119 Exec Code Overflow 2016-10-27 2017-09-03
6.8
None Remote Medium Not required Partial Partial Partial
Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to corrupt the stack and allow arbitrary code execution. Fixed in: Rumba FTP 4.5 (HF 14668). This can only occur if a client connects to a malicious server.
357 CVE-2016-5745 284 2016-10-05 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2 allow remote attackers to modify or extract system configuration files via vectors involving NAT64.
358 CVE-2016-5700 284 Exec Code 2016-10-03 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.
359 CVE-2016-5686 287 Bypass 2016-10-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol.
360 CVE-2016-5635 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.
361 CVE-2016-5634 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.
362 CVE-2016-5633 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.
363 CVE-2016-5632 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
364 CVE-2016-5631 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.
365 CVE-2016-5630 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
366 CVE-2016-5629 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
367 CVE-2016-5628 2016-10-25 2017-07-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.
368 CVE-2016-5627 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.
369 CVE-2016-5626 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
370 CVE-2016-5625 2016-10-25 2017-07-29
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.
371 CVE-2016-5624 2016-10-25 2018-01-05
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
372 CVE-2016-5622 284 2016-10-25 2017-07-29
7.8
None Remote Medium Not required Complete Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA.
373 CVE-2016-5621 200 +Info 2016-10-25 2017-07-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603.
374 CVE-2016-5620 284 2016-10-25 2017-07-29
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA, a different vulnerability than CVE-2016-5619.
375 CVE-2016-5619 284 2016-10-25 2017-07-29
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to INFRA, a different vulnerability than CVE-2016-5620.
376 CVE-2016-5618 200 +Info 2016-10-25 2017-07-29
3.5
None Remote Medium ??? Partial None None
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
377 CVE-2016-5617 264 2016-10-25 2016-11-28
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Error Handling.
378 CVE-2016-5616 2016-10-25 2016-11-28
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM.
379 CVE-2016-5615 284 2016-10-25 2017-07-29
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.
380 CVE-2016-5613 284 2016-10-25 2019-03-04
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.
381 CVE-2016-5612 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
382 CVE-2016-5611 200 +Info 2016-10-25 2019-03-04
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.
383 CVE-2016-5610 284 2016-10-25 2019-03-04
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core.
384 CVE-2016-5609 2016-10-25 2019-03-04
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
385 CVE-2016-5608 284 2016-10-25 2019-03-04
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613.
386 CVE-2016-5607 284 2016-10-25 2017-07-29
6.5
None Remote Low ??? Partial Partial Partial
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to INFRA.
387 CVE-2016-5606 284 2016-10-25 2017-07-29
5.6
None Local Low Not required None Partial Complete
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.
388 CVE-2016-5605 284 2016-10-25 2017-07-29
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.
389 CVE-2016-5604 284 2016-10-25 2017-07-29
3.3
None Local Medium Not required Partial Partial None
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563.
390 CVE-2016-5603 200 +Info 2016-10-25 2017-07-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5621.
391 CVE-2016-5602 200 +Info 2016-10-25 2017-07-29
3.5
None Remote Medium ??? Partial None None
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
392 CVE-2016-5601 284 2016-10-25 2018-10-30
3.3
None Local Medium Not required Partial Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
393 CVE-2016-5600 284 2016-10-25 2017-07-29
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
394 CVE-2016-5599 284 2016-10-25 2016-11-28
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.
395 CVE-2016-5598 284 2016-10-25 2018-05-02
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
396 CVE-2016-5597 200 +Info 2016-10-25 2020-09-08
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
397 CVE-2016-5596 200 +Info 2016-10-25 2017-07-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.
398 CVE-2016-5595 284 2016-10-25 2017-07-29
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5592.
399 CVE-2016-5594 284 2016-10-25 2017-07-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA.
400 CVE-2016-5593 284 2016-10-25 2017-07-29
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5587 and CVE-2016-5591.
Total number of vulnerabilities : 681   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.