Total
8770 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6342 | 2 Lobacher Patrick, Typo3 | 2 Simplefilebrowser, Typo3 | 2024-09-17 | N/A |
| Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | ||||
| CVE-2009-4357 | 1 Ibm | 2 Rational Clearcase, Rational Clearquest | 2024-09-17 | N/A |
| CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors. | ||||
| CVE-2017-1515 | 1 Ibm | 1 Rational Doors | 2024-09-17 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825. | ||||
| CVE-2016-4784 | 1 Siemens | 9 Siprotec 4 En100, Siprotec Compact Model 7rw80, Siprotec Compact Model 7sd80 and 6 more | 2024-09-17 | N/A |
| A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained. | ||||
| CVE-2018-2009 | 1 Ibm | 1 Api Connect | 2024-09-17 | N/A |
| IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148. | ||||
| CVE-2011-3751 | 1 Lifetype | 1 Lifetype | 2024-09-17 | N/A |
| LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php. | ||||
| CVE-2020-4226 | 1 Ibm | 1 Mobilefirst Platform Foundation | 2024-09-17 | 7.5 High |
| IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 175207. | ||||
| CVE-2014-8528 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-17 | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. | ||||
| CVE-2012-4390 | 1 Owncloud | 1 Owncloud | 2024-09-17 | N/A |
| (1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors. | ||||
| CVE-2017-0708 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879. | ||||
| CVE-2017-1423 | 1 Ibm | 1 Websphere Portal | 2024-09-17 | N/A |
| IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476. | ||||
| CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2024-09-17 | N/A |
| openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | ||||
| CVE-2018-15771 | 1 Emc | 2 Recoverpoint, Recoverpoint For Virtual Machines | 2024-09-17 | N/A |
| Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI. | ||||
| CVE-2017-13185 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471. | ||||
| CVE-2017-17463 | 1 Vivo | 2 Modem, Modem Firmware | 2024-09-17 | N/A |
| Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and psk_wepkey fields. | ||||
| CVE-2013-4678 | 1 Symantec | 1 Backup Exec | 2024-09-17 | N/A |
| The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors. | ||||
| CVE-2014-10055 | 1 Qualcomm | 4 Sd 400, Sd 400 Firmware, Sd 800 and 1 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, there could be leakage of protected contents if HLOS doesn't request for security restoration for OCMEM xPU's. | ||||
| CVE-2017-0778 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227. | ||||
| CVE-2017-16077 | 1 Mongose Project | 1 Mongose | 2024-09-17 | N/A |
| mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2018-5892 | 1 Qualcomm | 54 Mdm9206, Mdm9206 Firmware, Mdm9607 and 51 more | 2024-09-17 | N/A |
| The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear. | ||||