Export limit exceeded: 340686 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24742 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6122 | 1 Ibm | 1 Kenexa Lms On Cloud | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users. | ||||
| CVE-2016-3109 | 1 Shopware | 1 Shopware | 2025-04-20 | N/A |
| The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code. | ||||
| CVE-2016-6129 | 2 Libtom, Op-tee | 2 Libtomcrypt, Op-tee Os | 2025-04-20 | N/A |
| The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack. | ||||
| CVE-2016-6131 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. | ||||
| CVE-2016-3111 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2025-04-20 | N/A |
| pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. | ||||
| CVE-2016-3124 | 1 Simplesamlphp | 1 Simplesamlphp | 2025-04-20 | N/A |
| The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors. | ||||
| CVE-2016-3127 | 1 Blackberry | 1 Good Control Server | 2025-04-20 | N/A |
| An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain diagnostic log files through either a valid logon or an unrelated compromise of the server. | ||||
| CVE-2016-3130 | 1 Blackberry | 1 Enterprise Service | 2025-04-20 | N/A |
| An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt. | ||||
| CVE-2016-3152 | 1 Barco | 2 Clickshare Csc-1, Clickshare Csc-1 Firmware | 2025-04-20 | N/A |
| Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. | ||||
| CVE-2016-6206 | 1 Huawei | 2 Ar3200, Ar3200 Firmware | 2025-04-20 | N/A |
| Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. | ||||
| CVE-2016-6190 | 1 Inverse-inc | 1 Sogo | 2025-04-20 | N/A |
| SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the "View the Date & Time" restriction, as demonstrated by correlating UIDs and DTSTAMPs between all users. | ||||
| CVE-2016-6210 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2025-04-20 | N/A |
| sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided. | ||||
| CVE-2016-6220 | 1 Trendmicro | 1 Control Manager | 2025-04-20 | 7.5 High |
| Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0. | ||||
| CVE-2016-6234 | 1 Lepton Project | 1 Lepton | 2025-04-20 | N/A |
| The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file. | ||||
| CVE-2016-6239 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | ||||
| CVE-2016-6243 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | ||||
| CVE-2016-6244 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | ||||
| CVE-2016-6246 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | ||||
| CVE-2016-6247 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | ||||
| CVE-2016-6249 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2025-04-20 | N/A |
| F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files. | ||||