Total: 8779 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-23386 | 1 Dns-packet Project | 1 Dns-packet | 2024-09-16 | 7.7 High |
This affects the package dns-packet before 5.2.2. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose internal application memory over unencrypted network when querying crafted invalid domain names. | ||||
CVE-2017-5801 | 1 Hp | 1 Business Process Monitor | 2024-09-16 | N/A |
A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v09.30 was found. | ||||
CVE-2011-3801 | 1 Simpletest | 1 Simpletest | 2024-09-16 | N/A |
SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visual_test.php and certain other files. | ||||
CVE-2017-0776 | 1 Google | 1 Android | 2024-09-16 | N/A |
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38496660. | ||||
CVE-2022-23726 | 1 Pingidentity | 1 Pingcentral | 2024-09-16 | 5.4 Medium |
PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information. | ||||
CVE-2017-0792 | 1 Google | 1 Android | 2024-09-16 | N/A |
An information disclosure vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37305578. References: B-V2017052301. | ||||
CVE-2017-16075 | 1 Http-proxy.js Project | 1 Http-proxy.js | 2024-09-16 | N/A |
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
CVE-2011-4894 | 1 Tor | 1 Tor | 2024-09-16 | N/A |
Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections. | ||||
CVE-2011-3789 | 1 Phpwcms | 1 Phpwcms | 2024-09-16 | N/A |
phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by template/inc_script/frontend_render/disabled/majonavi.php and certain other files. | ||||
CVE-2018-1999 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2024-09-16 | N/A |
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889. | ||||
CVE-2018-9852 | 1 Gxlcms | 1 Gxlcms Qy | 2024-09-16 | 9.8 Critical |
In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23. | ||||
CVE-2021-30168 | 1 Meritlilin | 82 P2g1022, P2g1022 Firmware, P2g1022x and 79 more | 2024-09-16 | 9.8 Critical |
The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant administrator’s credential and further control the devices. | ||||
CVE-2018-1917 | 1 Ibm | 2 Infosphere Information Server, Infosphere Information Server On Cloud | 2024-09-16 | N/A |
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784. | ||||
CVE-2016-10406 | 1 Qualcomm | 38 Mdm9650, Mdm9650 Firmware, Sd 205 and 35 more | 2024-09-16 | N/A |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 835, while printing debug message of a pointer in wlan_qmi_err_cb, the real kernel address will be printed regardless of the kptr_restrict system settings. | ||||
CVE-2020-4159 | 1 Ibm | 1 Qradar Network Security | 2024-09-16 | 7.5 High |
IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339. | ||||
CVE-2017-8258 | 1 Google | 1 Android | 2024-09-16 | N/A |
An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver. | ||||
CVE-2007-6043 | 1 Microsoft | 1 Windows 2000 | 2024-09-16 | N/A |
The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898. | ||||
CVE-2011-3742 | 1 Helpcenterlive | 1 Helpcenter Live | 2024-09-16 | N/A |
HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files. | ||||
CVE-2018-1732 | 1 Ibm | 1 Qradar Advisor With Watson | 2024-09-16 | N/A |
IBM QRadar Advisor with Watson 1.14.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 147810. | ||||
CVE-2018-15446 | 1 Cisco | 1 Meeting Server | 2024-09-16 | N/A |
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest access via ID and passcode option is set to Legacy mode. An attacker could exploit this vulnerability by sending meeting requests to an affected system. A successful exploit could allow the attacker to determine the values of meeting room unique identifiers, possibly allowing the attacker to conduct further exploits. |