Total
8779 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1957 | 1 Ibm | 1 Websphere Application Server | 2024-09-16 | N/A |
| IBM WebSphere Application Server 9 could allow sensitive information to be available caused by mishandling of data by the application based on an incorrect return by the httpServletRequest#authenticate() API when an unprotected URI is accessed. IBM X-Force ID: 153629. | ||||
| CVE-2011-3502 | 1 Cogentdatahub | 1 Cogent Datahub | 2024-09-16 | N/A |
| The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot). | ||||
| CVE-2018-20812 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-09-16 | N/A |
| An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints. | ||||
| CVE-2022-43868 | 1 Ibm | 1 Security Verify Access Oidc Provider | 2024-09-16 | 5.3 Medium |
| IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445. | ||||
| CVE-2018-1000145 | 1 Jenkins | 1 Perforce | 2024-09-16 | N/A |
| An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them. | ||||
| CVE-2012-3034 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2024-09-16 | N/A |
| WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. | ||||
| CVE-2022-27633 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-09-16 | 7.5 High |
| An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability. | ||||
| CVE-2011-3784 | 1 Phpnuke | 1 Php-nuke | 2024-09-16 | N/A |
| Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files. | ||||
| CVE-2020-35611 | 1 Joomla | 1 Joomla\! | 2024-09-16 | 7.5 High |
| An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values. | ||||
| CVE-2021-44739 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-16 | 4.3 Medium |
| Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. | ||||
| CVE-2017-15212 | 1 Kanboard | 1 Kanboard | 2024-09-16 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user. | ||||
| CVE-2018-2008 | 1 Ibm | 1 Tririga Application Platform | 2024-09-16 | N/A |
| IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. IBM X-Force ID: 155146. | ||||
| CVE-2015-3030 | 1 Mcafee | 1 Advanced Threat Defense | 2024-09-16 | N/A |
| The web interface in McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote authenticated users to obtain sensitive configuration information via unspecified vectors. | ||||
| CVE-2017-1295 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2024-09-16 | N/A |
| IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157. | ||||
| CVE-2012-6541 | 1 Linux | 1 Linux Kernel | 2024-09-16 | N/A |
| The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | ||||
| CVE-2016-2978 | 1 Ibm | 1 Sametime | 2024-09-16 | N/A |
| IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938. | ||||
| CVE-2022-27863 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Property Management System Plugin | 2024-09-16 | 5.3 Medium |
| Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests. | ||||
| CVE-2011-3716 | 1 Claroline | 1 Claroline | 2024-09-16 | N/A |
| Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files. | ||||
| CVE-2017-12092 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2024-09-16 | N/A |
| An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability. | ||||
| CVE-2017-8985 | 1 Hp | 1 Xp Storage Hitachi Global Link Manager | 2024-09-16 | N/A |
| HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00. | ||||