Total
8779 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0766 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2024-09-16 | N/A |
| Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | ||||
| CVE-2017-8739 | 1 Microsoft | 2 Edge, Windows 10 | 2024-09-16 | N/A |
| Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | ||||
| CVE-2010-4760 | 1 Otrs | 1 Otrs | 2024-09-16 | N/A |
| Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket. | ||||
| CVE-2018-1723 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | N/A |
| IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. IBM X-Force ID: 147373. | ||||
| CVE-2010-4563 | 1 Linux | 1 Linux Kernel | 2024-09-16 | N/A |
| The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. | ||||
| CVE-2019-3781 | 1 Cloudfoundry | 1 Command Line Interface | 2024-09-16 | 8.8 High |
| Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password. | ||||
| CVE-2017-1734 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2024-09-16 | N/A |
| IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915. | ||||
| CVE-2017-12128 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2024-09-16 | 7.5 High |
| An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. | ||||
| CVE-2018-3928 | 1 Yitechnology | 2 Yi Home Camera, Yi Home Camera Firmware | 2024-09-16 | 7.5 High |
| An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability. | ||||
| CVE-2021-22276 | 1 Abb | 10 System Access Point 127v, System Access Point 127v Firmware, System Access Point 2.0 and 7 more | 2024-09-16 | 6.1 Medium |
| The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point. | ||||
| CVE-2019-4751 | 1 Ibm | 1 Cloud App Management | 2024-09-16 | 5.3 Medium |
| IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311. | ||||
| CVE-2021-21590 | 1 Dell | 3 Emc Unity Operating Environment, Emc Unity Xt Operating Environment, Emc Unityvsa Operating Environment | 2024-09-16 | 6.4 Medium |
| Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user. | ||||
| CVE-2017-5738 | 1 Intel | 1 Unite | 2024-09-16 | N/A |
| Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure. | ||||
| CVE-2012-3838 | 1 Babygekko | 1 Baby Gekko | 2024-09-16 | N/A |
| Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php. | ||||
| CVE-2017-11797 | 1 Microsoft | 1 Chakracore | 2024-09-16 | N/A |
| ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | ||||
| CVE-2011-3757 | 1 Moodle | 1 Moodle | 2024-09-16 | N/A |
| Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files. | ||||
| CVE-2017-11784 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-09-16 | N/A |
| The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11765, CVE-2017-11785, and CVE-2017-11814. | ||||
| CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2024-09-16 | N/A |
| Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | ||||
| CVE-2012-0837 | 1 Joomla | 1 Joomla\! | 2024-09-16 | N/A |
| Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator." | ||||
| CVE-2018-1697 | 1 Ibm | 1 Maximo Asset Management | 2024-09-16 | N/A |
| IBM Maximo Asset Management 7.6 could allow an authenticated user to enumerate usernames using a specially crafted HTTP request. IBM X-Force ID: 145966. | ||||