Search Results (26351 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-2971 1 Ibm 1 Sametime 2025-04-20 N/A
IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898.
CVE-2015-5378 2 Elastic, Elasticsearch 2 Logstash, Logstash 2025-04-20 N/A
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server.
CVE-2015-8544 1 Netapp 1 Snapdrive 2025-04-20 N/A
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2017-8258 1 Google 1 Android 2025-04-20 N/A
An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver.
CVE-2015-5248 1 Redhat 1 Feedhenry Enterprise Mobile Application Platform 2025-04-20 N/A
Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform.
CVE-2016-4442 1 Miniprofiler 1 Rack-mini-profiler 2025-04-20 N/A
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
CVE-2015-1611 1 Opendaylight 1 Openflow 2025-04-20 N/A
OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection."
CVE-2015-9044 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.
CVE-2015-9048 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets.
CVE-2016-7958 1 Wireshark 1 Wireshark 2025-04-20 N/A
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector.
CVE-2015-5209 1 Apache 1 Struts 2025-04-20 N/A
Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.
CVE-2015-9051 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on a length in a System Information message.
CVE-2016-8017 1 Mcafee 1 Virusscan Enterprise 2025-04-20 N/A
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
CVE-2015-2886 1 Ibaby 2 M6 Baby Monitor, M6 Baby Monitor Firmware 2025-04-20 N/A
iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.
CVE-2016-9459 2 Nextcloud, Owncloud 2 Nextcloud Server, Owncloud 2025-04-20 N/A
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with an attachment disposition forcing the browser to download the document. However, Firefox running on Microsoft Windows would offer the user to open the data in the browser as an HTML document. Thus any injected data in the log would be executed.
CVE-2016-6068 1 Ibm 1 Urbancode Deploy 2025-04-20 N/A
IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties.
CVE-2013-6049 2 Apt-listbugs Project, Debian 2 Apt-listbugs, Debian Linux 2025-04-20 N/A
apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6034 2 Ibm, Microsoft 2 Tivoli Storage Manager For Virtual Environments Data Protection For Vmware, Windows 2025-04-20 N/A
IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges.
CVE-2015-2246 1 Huawei 2 P7-l10, P7-l10 Firmware 2025-04-20 N/A
The MeWidget module on Huawei P7 smartphones with software P7-L10 V100R001C00B136 and earlier versions could lead to the disclosure of contact information.
CVE-2015-2156 3 Lightbend, Netty, Playframework 3 Play Framework, Netty, Play Framework 2025-04-20 N/A
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.