Total
10441 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5187 | 1 Candlepinproject | 1 Candlepin | 2025-04-20 | N/A |
| Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. | ||||
| CVE-2017-5184 | 1 Microfocus | 1 Sentinel | 2025-04-20 | N/A |
| A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration). | ||||
| CVE-2015-8559 | 1 Chef | 1 Chef | 2025-04-20 | 7.5 High |
| The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages. | ||||
| CVE-2015-8378 | 1 Keepassx Project | 1 Keepassx | 2025-04-20 | N/A |
| In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile. | ||||
| CVE-2015-8276 | 1 Eparaksts | 2 Edoc-libraries, Eparakstitajs 3 | 2025-04-20 | N/A |
| LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files. | ||||
| CVE-2016-10047 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file. | ||||
| CVE-2015-8020 | 1 Netapp | 1 Clustered Data Ontap | 2025-04-20 | N/A |
| Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure. | ||||
| CVE-2015-7945 | 1 Spi-inc | 1 Ganeti | 2025-04-20 | N/A |
| The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results. | ||||
| CVE-2017-1162 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-20 | N/A |
| IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 122957. | ||||
| CVE-2015-7514 | 1 Openstack | 1 Ironic | 2025-04-20 | N/A |
| OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. | ||||
| CVE-2017-13664 | 1 Ismartalarm | 2 Cubeone, Cubeone Firmware | 2025-04-20 | N/A |
| Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file. | ||||
| CVE-2017-0708 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879. | ||||
| CVE-2017-0699 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809. | ||||
| CVE-2015-6671 | 1 Edx | 1 Edx-platform | 2025-04-20 | 5.9 Medium |
| Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging access to a database backup. | ||||
| CVE-2017-1596 | 1 Ibm | 1 Security Guardium | 2025-04-20 | N/A |
| IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550. | ||||
| CVE-2016-5813 | 1 Visonic | 2 Powerlink2, Powerlink2 Firmware | 2025-04-20 | N/A |
| An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE). | ||||
| CVE-2015-6250 | 1 Simple-php-captcha Project | 1 Simple-php-captcha | 2025-04-20 | N/A |
| simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side. | ||||
| CVE-2015-5959 | 1 Froxlor | 1 Froxlor | 2025-04-20 | N/A |
| Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log. | ||||
| CVE-2017-0698 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35467458. | ||||
| CVE-2015-5677 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file. | ||||