Total
8778 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8952 | 1 Hp | 1 Sitescope | 2024-09-16 | N/A |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | ||||
| CVE-2017-0785 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698. | ||||
| CVE-2018-17483 | 1 Jollytech | 1 Lobby Track | 2024-09-16 | N/A |
| Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and viewing the driver's license column, an attacker could exploit this vulnerability to view the driver's license number and other personal information. | ||||
| CVE-2017-15850 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, userspace can read values from audio codec registers. | ||||
| CVE-2002-2346 | 1 Phpbb | 1 Phpbb | 2024-09-16 | N/A |
| phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | ||||
| CVE-2011-3824 | 1 Yourls | 1 Yourls | 2024-09-16 | N/A |
| Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files. | ||||
| CVE-2011-3722 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2024-09-16 | N/A |
| Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files. | ||||
| CVE-2018-1000635 | 1 Openmicroscopy | 1 Omero | 2024-09-16 | N/A |
| The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server that can result in an Attacker gaining full administrative access to server and may be able to disable it. This vulnerability appears to have been fixed in 5.4.7. | ||||
| CVE-2017-0738 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371. | ||||
| CVE-2018-1276 | 1 Pivotal Software | 1 Windows Stemcells | 2024-09-16 | N/A |
| Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials. | ||||
| CVE-2013-2322 | 1 Hp | 1 Nonstop Sql\/mx | 2024-09-16 | N/A |
| HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue. | ||||
| CVE-2013-3210 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
| Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain. | ||||
| CVE-2021-20331 | 1 Mongodb | 1 C\# Driver | 2024-09-16 | 4.2 Medium |
| Specific versions of the MongoDB C# Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when commands such as "saslStart", "saslContinue", "isMaster", "createUser", and "updateUser" are executed. Without due care, an application may inadvertently expose this authenticated-related information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects the MongoDB C# Driver v2.12 versions prior to and including 2.12.1. | ||||
| CVE-2014-9025 | 1 Commerceguys | 1 Commerce | 2024-09-16 | N/A |
| The default checkout completion rule in the commerce_order module in the Drupal Commerce module 7.x-1.x before 7.x-1.10 for Drupal uses the email address as the username for new accounts created at checkout, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2011-2488 | 1 Joomla | 1 Joomla\! | 2024-09-16 | N/A |
| Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2017-13200 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526. | ||||
| CVE-2007-5554 | 1 Oracle | 1 Database Server | 2024-09-16 | N/A |
| Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2018-1990 | 1 Ibm | 1 Cloud App Management | 2024-09-16 | N/A |
| IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request. IBM X-Force ID: 154283. | ||||
| CVE-2017-1743 | 1 Ibm | 1 Websphere Application Server | 2024-09-16 | N/A |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could browse the file system. IBM X-Force ID: 134933. | ||||
| CVE-2020-4649 | 1 Ibm | 1 Planning Analytics Local | 2024-09-16 | 4.3 Medium |
| IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022. | ||||