Total
8699 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4186 | 1 Ibm | 1 Security Guardium | 2024-09-17 | 5.3 Medium |
| IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804. | ||||
| CVE-2018-18289 | 1 Mesilat | 1 Zabbix | 2024-09-17 | N/A |
| The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read arbitrary files. | ||||
| CVE-2018-14785 | 1 Netcommwireless | 2 Nwl-25, Nwl-25 Firmware | 2024-09-17 | N/A |
| NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication. | ||||
| CVE-2017-0669 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the Android framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34114752. | ||||
| CVE-2012-6536 | 1 Linux | 1 Linux Kernel | 2024-09-17 | N/A |
| net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state. | ||||
| CVE-2021-26566 | 1 Synology | 7 Diskstation Manager, Diskstation Manager Unified Controller, Skynas and 4 more | 2024-09-17 | 8.3 High |
| Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. | ||||
| CVE-2018-1949 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-09-17 | N/A |
| IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153429. | ||||
| CVE-2018-1388 | 1 Ibm | 1 Websphere Mq | 2024-09-17 | N/A |
| GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding. IBM X-Force ID: 138212. | ||||
| CVE-2018-1334 | 1 Apache | 1 Spark | 2024-09-17 | N/A |
| In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. | ||||
| CVE-2018-18487 | 1 Gxlcms | 1 Gxlcms | 2024-09-17 | N/A |
| In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations. | ||||
| CVE-2018-0763 | 1 Microsoft | 2 Edge, Windows 10 | 2024-09-17 | N/A |
| Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839. | ||||
| CVE-2020-12777 | 1 Combodo | 1 Itop | 2024-09-17 | 7.5 High |
| A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. | ||||
| CVE-2017-1765 | 1 Ibm | 2 Business Process Manager, Business Process Manager Enterprise Service Bus | 2024-09-17 | N/A |
| IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. IBM X-Force ID: 136150. | ||||
| CVE-2017-16064 | 1 Node-openssl Project | 1 Node-openssl | 2024-09-17 | N/A |
| node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2011-1416 | 1 Rim | 2 Blackberry Torch 9800, Blackberry Torch 9800 Firmware | 2024-09-17 | N/A |
| The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. | ||||
| CVE-2019-1877 | 1 Cisco | 1 Enterprise Chat And Email | 2024-09-17 | 6.5 Medium |
| A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. The vulnerability is due to insufficient authentication mechanisms on the file download function of the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to download files that other users attach through the chat feature. This vulnerability affects versions prior to 12.0(1)ES1. | ||||
| CVE-2010-2612 | 1 Hp | 2 Openvms, Openvms For Integrity Servers | 2024-09-17 | N/A |
| Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. | ||||
| CVE-2011-3793 | 1 Lucidcrew | 1 Pixie | 2024-09-17 | N/A |
| Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files. | ||||
| CVE-2011-3718 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-09-17 | N/A |
| CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this might overlap CVE-2007-5444. | ||||
| CVE-2017-13304 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the Upstream kernel mnh_sm driver. Product: Android. Versions: Android kernel. Android ID: A-70576999. | ||||