Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15210 | 1 Kanboard | 1 Kanboard | 2024-09-17 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user. | ||||
| CVE-2017-1353 | 1 Ibm | 1 Atlas Ediscovery Process Management | 2024-09-17 | N/A |
| IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680. | ||||
| CVE-2022-27844 | 1 Wpvivid | 1 Migration\, Backup\, Staging | 2024-09-17 | 2.7 Low |
| Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 | ||||
| CVE-2017-6926 | 1 Drupal | 1 Drupal | 2024-09-17 | N/A |
| In Drupal versions 8.4.x versions before 8.4.5 users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments. | ||||
| CVE-2009-4951 | 2 Hans Olthoff, Typo3 | 2 Alternet Csa Out, Typo3 | 2024-09-17 | N/A |
| Unspecified vulnerability in the ClickStream Analyzer [output] (alternet_csa_out) extension 0.3.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2020-12966 | 1 Amd | 214 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 211 more | 2024-09-17 | 5.5 Medium |
| AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor. | ||||
| CVE-2018-1546 | 1 Ibm | 1 Api Connect | 2024-09-17 | 5.9 Medium |
| IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142650. | ||||
| CVE-2017-15700 | 1 Apache | 1 Sling Authentication Service | 2024-09-17 | N/A |
| A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials. | ||||
| CVE-2017-1474 | 1 Ibm | 3 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web | 2024-09-17 | N/A |
| IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606. | ||||
| CVE-2018-1670 | 1 Ibm | 1 Financial Transaction Manager | 2024-09-17 | N/A |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946. | ||||
| CVE-2017-16052 | 1 Node-fabric Project | 1 Node-fabric | 2024-09-17 | N/A |
| `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2021-20582 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-09-17 | 5.3 Medium |
| IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 199328. | ||||
| CVE-2020-12987 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-09-17 | 5.5 Medium |
| A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass. | ||||
| CVE-2018-1935 | 1 Ibm | 1 Connections | 2024-09-17 | N/A |
| IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages. IBM X-Force ID: 153315. | ||||
| CVE-2016-5858 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | ||||
| CVE-2017-11028 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents of an arbitrary kernel address can be leaked to userspace by the function msm_isp_get_stream_common_data(). | ||||
| CVE-2018-3665 | 6 Canonical, Citrix, Debian and 3 more | 17 Ubuntu Linux, Xenserver, Debian Linux and 14 more | 2024-09-17 | 5.6 Medium |
| System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | ||||
| CVE-2018-3620 | 2 Intel, Redhat | 16 Core I3, Core I5, Core I7 and 13 more | 2024-09-17 | N/A |
| Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||||
| CVE-2019-4397 | 1 Ibm | 2 Cloud Orchestrator, Cloud Orchestrator Enterprise | 2024-09-17 | 6.5 Medium |
| IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239 | ||||
| CVE-2018-0900 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-09-17 | N/A |
| The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0901 and CVE-2018-0926. | ||||