Total
8780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5641 | 1 Rapid7 | 1 Insightvm | 2024-09-16 | 3.3 Low |
| Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user | ||||
| CVE-2018-6293 | 1 Hyland | 1 Saperion Web Client | 2024-09-16 | N/A |
| Arbitrary File Read in Saperion Web Client version 7.5.2 83166. | ||||
| CVE-2017-2730 | 2 Apple, Huawei | 3 Iphone Os, Hilink, Tech Support | 2024-09-16 | N/A |
| HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version. | ||||
| CVE-2018-0474 | 1 Cisco | 1 Unified Communications Manager | 2024-09-16 | 8.8 High |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view digest credentials in clear text. The vulnerability is due to the incorrect inclusion of saved passwords in configuration pages. An attacker could exploit this vulnerability by logging in to the Cisco Unified Communications Manager web-based management interface and viewing the source code for the configuration page. A successful exploit could allow the attacker to recover passwords and expose those accounts to further attack. | ||||
| CVE-2017-1157 | 1 Ibm | 1 Jazz Reporting Service | 2024-09-16 | N/A |
| IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788. | ||||
| CVE-2010-2982 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2024-09-16 | N/A |
| Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. | ||||
| CVE-2017-1241 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2024-09-16 | N/A |
| An unspecified vulnerability in IBM Jazz Foundation based applications might allow the display of stack trace information to an attacker. IBM X-Force ID: 124523. | ||||
| CVE-2017-3110 | 1 Adobe | 1 Experience Manager | 2024-09-16 | N/A |
| Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability. | ||||
| CVE-2018-8798 | 2 Debian, Rdesktop | 2 Debian Linux, Rdesktop | 2024-09-16 | N/A |
| rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. | ||||
| CVE-2017-1119 | 1 Ibm | 1 Marketing Operations | 2024-09-16 | N/A |
| IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171. | ||||
| CVE-2017-1741 | 1 Ibm | 1 Websphere Application Server | 2024-09-16 | N/A |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could read files on the file system. IBM X-Force ID: 134931. | ||||
| CVE-2012-5868 | 1 Wordpress | 1 Wordpress | 2024-09-16 | N/A |
| WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack. | ||||
| CVE-2017-5785 | 1 Hp | 1 Matrix Operating Environment | 2024-09-16 | N/A |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found. | ||||
| CVE-2011-3822 | 1 Xoops | 1 Xoops | 2024-09-16 | N/A |
| XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoops_version.php and certain other files. | ||||
| CVE-2018-1805 | 1 Ibm | 1 Security Access Manager | 2024-09-16 | N/A |
| IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 149704. | ||||
| CVE-2017-15530 | 1 Symantec | 1 Norton Family | 2024-09-16 | N/A |
| Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first pass across the application. As they probe the application they will take note of anything that may seem out of place or any bit of information they can use to their advantage such as error messages, system information, user data, version numbers, component names, URL paths, or even simple typos and misspellings. | ||||
| CVE-2018-15765 | 1 Dell | 1 Emc Secure Remote Services | 2024-09-16 | N/A |
| Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks. | ||||
| CVE-2012-4012 | 1 Cybozu | 1 Kunai | 2024-09-16 | N/A |
| The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | ||||
| CVE-2017-2732 | 1 Huawei | 1 Hilink | 2024-09-16 | N/A |
| Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious application and application can access Hilink APP data. | ||||
| CVE-2011-4698 | 2 Android, Androidapptools | 2 Android, Easy Filter | 2024-09-16 | N/A |
| The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and call records via a crafted application. | ||||