Total
8775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1395 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-09-17 | N/A |
| IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 127341. | ||||
| CVE-2018-20607 | 1 Txjia | 1 Imcat | 2024-09-17 | N/A |
| imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. | ||||
| CVE-2017-9681 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD Android, and all Android releases from CAF using the Linux kernel, if kernel memory address is passed from userspace through iris_vidioc_s_ext_ctrls ioctl, it will print kernel address data. A user could set it to an arbitrary kernel address, hence information disclosure (for kernel) could occur. | ||||
| CVE-2008-7292 | 2 Microsoft, Mozilla | 2 Windows, Bugzilla | 2024-09-17 | N/A |
| Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977. | ||||
| CVE-2022-31221 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-09-17 | 2.3 Low |
| Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system. | ||||
| CVE-2017-6283 | 2 Google, Nvidia | 3 Android, Shield Tv, Shield Tv Firmware | 2024-09-17 | N/A |
| NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high. | ||||
| CVE-2017-13246 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469. | ||||
| CVE-2017-8678 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-09-17 | N/A |
| The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8677, CVE-2017-8680, CVE-2017-8681, and CVE-2017-8687. | ||||
| CVE-2011-1643 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2024-09-17 | N/A |
| Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833. | ||||
| CVE-2017-1633 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-17 | N/A |
| IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information using specially crafted HTTP requests. IBM X-Force ID: 133180. | ||||
| CVE-2011-3817 | 1 Websitebaker2 | 1 Website Baker | 2024-09-17 | N/A |
| Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/media/parameters.php and certain other files. NOTE: this might overlap CVE-2005-2436. | ||||
| CVE-2018-2026 | 1 Ibm | 1 Financial Transaction Manager | 2024-09-17 | N/A |
| IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552. | ||||
| CVE-2018-13288 | 1 Synology | 1 File Station | 2024-09-17 | N/A |
| Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter. | ||||
| CVE-2017-1544 | 1 Ibm | 1 Sterling File Gateway | 2024-09-17 | N/A |
| IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. | ||||
| CVE-2018-0800 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2024-09-17 | N/A |
| Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780. | ||||
| CVE-2021-39019 | 3 Ibm, Linux, Microsoft | 3 Engineering Lifecycle Optimization Publishing, Linux Kernel, Windows | 2024-09-17 | 6.5 Medium |
| IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728. | ||||
| CVE-2018-1999009 | 1 Octobercms | 1 October | 2024-09-17 | N/A |
| October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution. This attack appear to be exploitable remotely if the /backend path is accessible. This vulnerability appears to have been fixed in Build 437. | ||||
| CVE-2018-1000645 | 1 Librehealth | 1 Librehealth Ehr | 2024-09-17 | N/A |
| LibreHealthIO lh-ehr version <REL-2.0.0 contains an Authenticated Local File Disclosure vulnerability in Importing of templates allows local file disclosure that can result in Disclosure of sensitive files on the server. This attack appear to be exploitable via User controlled variable in import templates function. | ||||
| CVE-2019-9849 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-09-17 | 4.3 Medium |
| LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | ||||
| CVE-2017-16076 | 1 Proxy.js Project | 1 Proxy.js | 2024-09-17 | N/A |
| proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||