Total
8698 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15833 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, untrusted pointer dereference in update_userspace_power() function in power leads to information exposure. | ||||
| CVE-2020-16121 | 2 Canonical, Packagekit Project | 2 Ubuntu Linux, Packagekit | 2024-09-17 | 3.3 Low |
| PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. | ||||
| CVE-2017-11919 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-09-17 | N/A |
| ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906. | ||||
| CVE-2011-3781 | 1 Phpids | 1 Phpids | 2024-09-17 | N/A |
| PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php and certain other files. | ||||
| CVE-2011-2059 | 1 Cisco | 1 Ios | 2024-09-17 | N/A |
| The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. | ||||
| CVE-2012-6466 | 1 Opera | 1 Opera Browser | 2024-09-17 | N/A |
| Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. | ||||
| CVE-2008-6342 | 2 Lobacher Patrick, Typo3 | 2 Simplefilebrowser, Typo3 | 2024-09-17 | N/A |
| Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | ||||
| CVE-2009-4357 | 1 Ibm | 2 Rational Clearcase, Rational Clearquest | 2024-09-17 | N/A |
| CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors. | ||||
| CVE-2017-1515 | 1 Ibm | 1 Rational Doors | 2024-09-17 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825. | ||||
| CVE-2016-4784 | 1 Siemens | 9 Siprotec 4 En100, Siprotec Compact Model 7rw80, Siprotec Compact Model 7sd80 and 6 more | 2024-09-17 | N/A |
| A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained. | ||||
| CVE-2018-2009 | 1 Ibm | 1 Api Connect | 2024-09-17 | N/A |
| IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148. | ||||
| CVE-2011-3751 | 1 Lifetype | 1 Lifetype | 2024-09-17 | N/A |
| LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php. | ||||
| CVE-2020-4226 | 1 Ibm | 1 Mobilefirst Platform Foundation | 2024-09-17 | 7.5 High |
| IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 175207. | ||||
| CVE-2014-8528 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-17 | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. | ||||
| CVE-2012-4390 | 1 Owncloud | 1 Owncloud | 2024-09-17 | N/A |
| (1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors. | ||||
| CVE-2017-0708 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879. | ||||
| CVE-2017-1423 | 1 Ibm | 1 Websphere Portal | 2024-09-17 | N/A |
| IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476. | ||||
| CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2024-09-17 | N/A |
| openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | ||||
| CVE-2018-15771 | 1 Emc | 2 Recoverpoint, Recoverpoint For Virtual Machines | 2024-09-17 | N/A |
| Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI. | ||||
| CVE-2017-13185 | 1 Google | 1 Android | 2024-09-17 | N/A |
| An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471. | ||||