Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-20007 | 1 Ingeteam | 2 Ingepac Da Au, Ingepac Da Au Firmware | 2024-09-17 | 5.3 Medium |
| Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the deviceĀ“s web service could exploit this vulnerability in order to obtain different configuration files. | ||||
| CVE-2017-1484 | 1 Ibm | 1 Websphere Commerce | 2024-09-17 | N/A |
| IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622. | ||||
| CVE-2022-41655 | 1 Algolplus | 1 Phone Orders For Woocommerce | 2024-09-17 | 4.3 Medium |
| Auth. (subscriber+) Sensitive Data Exposure vulnerability in Phone Orders for WooCommerce plugin <= 3.7.1 on WordPress. | ||||
| CVE-2018-1625 | 1 Ibm | 1 Security Privileged Identity Manager | 2024-09-17 | N/A |
| IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 144410. | ||||
| CVE-2017-14954 | 1 Linux | 1 Linux Kernel | 2024-09-17 | N/A |
| The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call. | ||||
| CVE-2017-7630 | 1 Qnap | 1 Qts | 2024-09-17 | N/A |
| QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi. | ||||
| CVE-2018-1999031 | 1 Jenkins | 1 Meliora Testlab | 2024-09-17 | N/A |
| An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration. | ||||
| CVE-2017-8970 | 1 Hp | 1 Matrix Operating Environment | 2024-09-17 | N/A |
| A remote unauthenticated disclosure of information vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found. | ||||
| CVE-2020-6653 | 1 Eaton | 1 Secureconnect | 2024-09-17 | 3.8 Low |
| Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's account and associated devices. | ||||
| CVE-2012-4116 | 1 Cisco | 1 Unified Computing System | 2024-09-17 | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970. | ||||
| CVE-2013-5130 | 1 Apple | 1 Safari | 2024-09-17 | N/A |
| WebKit in Apple Safari before 6.1 disables the Private Browsing feature upon a launch of the Web Inspector, which makes it easier for context-dependent attackers to obtain browsing information by leveraging LocalStorage/ files. | ||||
| CVE-2017-11155 | 1 Synology | 1 Photo Station | 2024-09-17 | N/A |
| An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors. | ||||
| CVE-2021-44702 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-17 | 4.3 Medium |
| Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. | ||||
| CVE-2018-1059 | 3 Canonical, Dpdk, Redhat | 11 Ubuntu Linux, Data Plane Development Kit, Ceph Storage and 8 more | 2024-09-17 | N/A |
| The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. | ||||
| CVE-2022-25990 | 1 F5 | 1 F5os-a | 2024-09-17 | 5.3 Medium |
| On 1.0.x versions prior to 1.0.1, systems running F5OS-A software may expose certain registry ports externally. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2016-5347 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | ||||
| CVE-2017-15852 | 1 Google | 1 Android | 2024-09-17 | N/A |
| Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver. | ||||
| CVE-2011-5126 | 1 Bluecoat | 1 Sgos | 2024-09-17 | N/A |
| Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file. | ||||
| CVE-2011-0178 | 1 Apple | 3 Carboncore, Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory. | ||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2024-09-17 | N/A |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | ||||