Total
8698 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-9368 | 1 Blackberry | 2 Workspaces Appliance-x, Workspaces Vapp | 2024-09-17 | N/A |
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. | ||||
CVE-2018-15800 | 1 Cloud Foundry | 1 Bits Service | 2024-09-17 | N/A |
Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage. | ||||
CVE-2019-4061 | 1 Ibm | 1 Bigfix Platform | 2024-09-17 | 5.3 Medium |
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869. | ||||
CVE-2017-13297 | 1 Google | 1 Android | 2024-09-17 | N/A |
A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71766721. | ||||
CVE-2010-2326 | 1 Ibm | 1 Websphere Application Server | 2024-09-17 | N/A |
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node federation, allows attackers to obtain sensitive information about CIMMetadataCollectorImpl trace actions by reading the addNode.log file. | ||||
CVE-2011-3785 | 1 Phppointofsale | 1 Php Point Of Sale | 2024-09-17 | N/A |
PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | ||||
CVE-2012-3886 | 1 Airdroid | 1 Airdroid | 2024-09-17 | N/A |
AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack. | ||||
CVE-2018-19226 | 1 Laobancms | 1 Laobancms | 2024-09-17 | N/A |
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI. | ||||
CVE-2003-1526 | 1 Francisco Burzi | 1 Php-nuke | 2024-09-17 | N/A |
PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | ||||
CVE-2018-0187 | 1 Cisco | 1 Identity Services Engine | 2024-09-17 | N/A |
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. The vulnerability is due to the improper handling of confidential information. An attacker could exploit this vulnerability by logging into the web interface on a vulnerable system. An exploit could allow an attacker to obtain confidential information for privileged accounts. This information could then be used to impersonate or negatively impact the privileged account on the affected system. | ||||
CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2024-09-17 | N/A |
Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||||
CVE-2021-21596 | 1 Dell | 2 Openmanage Enterprise, Openmanage Enterprise-modular | 2024-09-17 | 9.6 Critical |
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges. | ||||
CVE-2010-0548 | 1 Xerox | 7 Workcentre 5632, Workcentre 5638, Workcentre 5645 and 4 more | 2024-09-17 | N/A |
Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or (2) read device configuration information via via unknown vectors that bypass web server authorization. | ||||
CVE-2017-5715 | 8 Arm, Canonical, Debian and 5 more | 230 Cortex-a, Ubuntu Linux, Debian Linux and 227 more | 2024-09-17 | 5.6 Medium |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||||
CVE-2011-3724 | 1 Cubecart | 1 Cubecart | 2024-09-17 | N/A |
CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files. | ||||
CVE-2011-3735 | 1 Escortwebsitedesign | 1 Escort-agency-cms | 2024-09-17 | N/A |
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files. | ||||
CVE-2020-10264 | 1 Universal-robots | 7 Ur10, Ur10e, Ur3 and 4 more | 2024-09-17 | 8.8 High |
CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot data is also possible | ||||
CVE-2020-4186 | 1 Ibm | 1 Security Guardium | 2024-09-17 | 5.3 Medium |
IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804. | ||||
CVE-2018-18289 | 1 Mesilat | 1 Zabbix | 2024-09-17 | N/A |
The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read arbitrary files. | ||||
CVE-2018-14785 | 1 Netcommwireless | 2 Nwl-25, Nwl-25 Firmware | 2024-09-17 | N/A |
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication. |