Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-15125 | 1 Zipato | 2 Zipabox, Zipabox Firmware | 2024-09-17 | N/A |
| Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface. | ||||
| CVE-2011-3821 | 1 Xajax-project | 1 Xajax | 2024-09-17 | N/A |
| xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and certain other files. | ||||
| CVE-2021-29086 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2024-09-17 | 5.3 Medium |
| Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2012-5183 | 1 Naver | 1 Loctouch | 2024-09-17 | N/A |
| The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files. | ||||
| CVE-2017-8712 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-09-17 | N/A |
| The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8707, CVE-2017-8711, CVE-2017-8706, and CVE-2017-8713. | ||||
| CVE-2017-9368 | 1 Blackberry | 2 Workspaces Appliance-x, Workspaces Vapp | 2024-09-17 | N/A |
| An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. | ||||
| CVE-2018-15800 | 1 Cloud Foundry | 1 Bits Service | 2024-09-17 | N/A |
| Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage. | ||||
| CVE-2019-4061 | 1 Ibm | 1 Bigfix Platform | 2024-09-17 | 5.3 Medium |
| IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869. | ||||
| CVE-2017-13297 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71766721. | ||||
| CVE-2010-2326 | 1 Ibm | 1 Websphere Application Server | 2024-09-17 | N/A |
| IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node federation, allows attackers to obtain sensitive information about CIMMetadataCollectorImpl trace actions by reading the addNode.log file. | ||||
| CVE-2011-3785 | 1 Phppointofsale | 1 Php Point Of Sale | 2024-09-17 | N/A |
| PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | ||||
| CVE-2012-3886 | 1 Airdroid | 1 Airdroid | 2024-09-17 | N/A |
| AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack. | ||||
| CVE-2018-19226 | 1 Laobancms | 1 Laobancms | 2024-09-17 | N/A |
| An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI. | ||||
| CVE-2003-1526 | 1 Francisco Burzi | 1 Php-nuke | 2024-09-17 | N/A |
| PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | ||||
| CVE-2018-0187 | 1 Cisco | 1 Identity Services Engine | 2024-09-17 | N/A |
| A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. The vulnerability is due to the improper handling of confidential information. An attacker could exploit this vulnerability by logging into the web interface on a vulnerable system. An exploit could allow an attacker to obtain confidential information for privileged accounts. This information could then be used to impersonate or negatively impact the privileged account on the affected system. | ||||
| CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2024-09-17 | N/A |
| Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||||
| CVE-2021-21596 | 1 Dell | 2 Openmanage Enterprise, Openmanage Enterprise-modular | 2024-09-17 | 9.6 Critical |
| Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges. | ||||
| CVE-2010-0548 | 1 Xerox | 7 Workcentre 5632, Workcentre 5638, Workcentre 5645 and 4 more | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or (2) read device configuration information via via unknown vectors that bypass web server authorization. | ||||
| CVE-2017-5715 | 8 Arm, Canonical, Debian and 5 more | 230 Cortex-a, Ubuntu Linux, Debian Linux and 227 more | 2024-09-17 | 5.6 Medium |
| Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||||
| CVE-2011-3724 | 1 Cubecart | 1 Cubecart | 2024-09-17 | N/A |
| CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files. | ||||