The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which all...

EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via...

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permissio...

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a den...

The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship bet...

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability ...

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Co...

Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via u...

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unkn...

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different v...

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related...

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, int...

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availa...

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, int...

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availa...

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown...

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors rel...

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Tec...

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authen...

Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Clinical Tr...

The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-depe...

The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option ...