Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1509 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2024-09-17 | N/A |
| IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719. | ||||
| CVE-2018-8860 | 1 Vecna | 2 Vgo, Vgo Firmware | 2024-09-17 | N/A |
| In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be able to capture firmware updates through the adjacent network. | ||||
| CVE-2018-15433 | 1 Cisco | 1 Prime Infrastructure | 2024-09-17 | N/A |
| A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. A successful exploit could allow the attacker to view sensitive information. | ||||
| CVE-2022-23982 | 1 Quadlayers | 1 Perfect Brands For Woocommerce | 2024-09-17 | 4.3 Medium |
| The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. | ||||
| CVE-2017-1000413 | 1 Linaro | 1 Op-tee | 2024-09-17 | N/A |
| Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key. | ||||
| CVE-2018-14035 | 1 Hdfgroup | 1 Hdf5 | 2024-09-17 | N/A |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. | ||||
| CVE-2011-3800 | 1 S9y | 1 Serendipity | 2024-09-17 | N/A |
| Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files. | ||||
| CVE-2018-5436 | 1 Tibco | 2 Spotfire Analytics Platform For Aws, Spotfire Server | 2024-09-17 | N/A |
| The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Server: versions up to and including 7.8.1; 7.9.0; 7.10.0; 7.11.0; 7.12.0. | ||||
| CVE-2013-3428 | 1 Cisco | 1 Secure Access Control System | 2024-09-17 | N/A |
| The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957. | ||||
| CVE-2018-1000997 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2024-09-17 | N/A |
| A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/JellyFacet.java, jruby/src/main/java/org/kohsuke/stapler/jelly/jruby/JRubyFacet.java, jsp/src/main/java/org/kohsuke/stapler/jsp/JSPFacet.java that allows attackers to render routable objects using any view in Jenkins, exposing internal information about those objects not intended to be viewed, such as their toString() representation. | ||||
| CVE-2019-4731 | 1 Ibm | 1 Mq Appliance | 2024-09-17 | 5.5 Medium |
| IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616. | ||||
| CVE-2022-27630 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-09-17 | 7.5 High |
| An information disclosure vulnerability exists in the confctl_get_master_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. | ||||
| CVE-2016-10423 | 1 Qualcomm | 16 Sd 425, Sd 425 Firmware, Sd 430 and 13 more | 2024-09-17 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when a Trusted Application has opened the SPI interface to a particular device, it is possible for another Trusted Application to read the data on this open interface due to non-exclusive access of the SPI bus. | ||||
| CVE-2011-0217 | 2 Apple, Microsoft | 6 Mac Os X, Mac Os X Server, Safari and 3 more | 2024-09-17 | N/A |
| Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields. | ||||
| CVE-2017-8592 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2024-09-17 | N/A |
| Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, aka "Microsoft Browser Security Feature Bypass". | ||||
| CVE-2017-16071 | 1 Nodemailer-js Project | 1 Nodemailer-js | 2024-09-17 | N/A |
| nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2009-5035 | 1 Ibm | 1 Lotus Notes Traveler | 2024-09-17 | N/A |
| The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | ||||
| CVE-2022-23824 | 3 Amd, Fedoraproject, Xen | 336 A10-9600p, A10-9600p Firmware, A10-9630p and 333 more | 2024-09-17 | 5.5 Medium |
| IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | ||||
| CVE-2017-6426 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An information disclosure vulnerability in the Qualcomm SPMI driver. Product: Android. Versions: Android kernel. Android ID: A-33644474. References: QC-CR#1106842. | ||||
| CVE-2019-7312 | 1 Primx | 3 Zed, Zedmail, Zonecentral | 2024-09-17 | N/A |
| Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it. | ||||