Total: 8779 CVE

CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-1000186 | 1 Jenkins | 1 Github Pull Request Builder | 2024-09-16 | N/A |
An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin 1.41.0 and older in GhprbGitHubAuth.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
CVE-2017-8685 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2024-09-16 | N/A |
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688. | ||||
CVE-2017-3118 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2024-09-16 | N/A |
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments. | ||||
CVE-2019-4437 | 1 Ibm | 1 Api Connect | 2024-09-16 | 5.3 Medium |
IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947. | ||||
CVE-2021-21435 | 1 Otrs | 1 Otrs | 2024-09-16 | 5.7 Medium |
Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions. | ||||
CVE-2013-0982 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-16 | N/A |
The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation. | ||||
CVE-2010-4608 | 1 Habariproject | 1 Habari | 2024-09-16 | N/A |
Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to (1) header.php and (2) comments_items.php in system/admin/, which reveals the installation path in an error message. | ||||
CVE-2013-4766 | 1 Eucalyptus | 1 Eucalyptus | 2024-09-16 | N/A |
The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component. | ||||
CVE-2015-7946 | 1 Ubports | 1 Unity8 | 2024-09-16 | 7.3 High |
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1. | ||||
CVE-2022-27912 | 1 Joomla | 1 Joomla! | 2024-09-16 | 5.3 Medium |
An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. | ||||
CVE-2013-6020 | 1 Tylertech | 1 Taxweb | 2024-09-16 | N/A |
passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the (1) Assessor, (2) Recorder, or (3) Treasurer application. | ||||
CVE-2017-7633 | 1 Qnap | 1 Qfinder Pro | 2024-09-16 | N/A |
QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device. | ||||
CVE-2011-3797 | 1 Projectpier | 1 Projectpier | 2024-09-16 | N/A |
ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files. | ||||
CVE-2017-9795 | 1 Apache | 1 Geode | 2024-09-16 | N/A |
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a user could invoke methods that allow remote code execution. | ||||
CVE-2017-12625 | 1 Apache | 1 Hive | 2024-09-16 | N/A |
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns. | ||||
CVE-2020-1775 | 1 Otrs | 1 Otrs | 2024-09-16 | 3.5 Low |
BCC recipients in mails sent from OTRS are visible in article detail on external interface. This issue affects OTRS: 8.0.3 and prior versions, 7.0.17 and prior versions. | ||||
CVE-2017-11844 | 1 Microsoft | 3 Edge, Windows 10, Windows Server | 2024-09-16 | N/A |
Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11803 and CVE-2017-11833. | ||||
CVE-2017-13268 | 1 Google | 1 Android | 2024-09-16 | N/A |
An information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064. | ||||
CVE-2017-5795 | 1 Hp | 1 Intelligent Management Center | 2024-09-16 | N/A |
A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found. | ||||
CVE-2017-5188 | 1 Opensuse | 1 Open Build Service | 2024-09-16 | N/A |
The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information. |