Export limit exceeded: 341651 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10198 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10198 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6786 | 1 Cisco | 1 Elastic Services Controller | 2025-04-20 | N/A |
| A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker could exploit this vulnerability by logging in to an affected system and accessing unprotected log files. A successful exploit could allow the attacker to access sensitive log files, which may include system credentials, on the affected system. Cisco Bug IDs: CSCvc76616. Known Affected Releases: 2.2(9.76). | ||||
| CVE-2017-7923 | 1 Hikvision | 116 Ds-2cd2032-i, Ds-2cd2032-i Firmware, Ds-2cd2112-i and 113 more | 2025-04-20 | N/A |
| A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information. | ||||
| CVE-2017-7947 | 1 Netapp | 1 Clustered Data Ontap | 2025-04-20 | N/A |
| NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line. | ||||
| CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||||
| CVE-2017-7983 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers. | ||||
| CVE-2017-7995 | 3 Novell, Suse, Xen | 6 Suse Linux Enterprise Point Of Sale, Suse Linux Enterprise Server, Manager and 3 more | 2025-04-20 | N/A |
| Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL. | ||||
| CVE-2017-8035 | 1 Cloudfoundry | 2 Capi-release, Cf-release | 2025-04-20 | 7.5 High |
| An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.35.0 and cf-release versions after v244 and prior to v268. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation. | ||||
| CVE-2017-8037 | 1 Cloudfoundry | 2 Capi-release, Cf-release | 2025-04-20 | N/A |
| In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure. | ||||
| CVE-2017-8057 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting. | ||||
| CVE-2017-8109 | 1 Saltstack | 1 Salt | 2025-04-20 | N/A |
| The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients). | ||||
| CVE-2017-8118 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | ||||
| CVE-2017-8121 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | ||||
| CVE-2017-8130 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | ||||
| CVE-2017-8136 | 1 Huawei | 1 Hedex Lite | 2025-04-20 | N/A |
| HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak. | ||||
| CVE-2017-8183 | 1 Huawei | 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware | 2025-04-20 | N/A |
| MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage. | ||||
| CVE-2017-8239 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory. | ||||
| CVE-2017-8254 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid. | ||||
| CVE-2017-8258 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver. | ||||
| CVE-2017-8269 | 1 Google | 1 Android | 2025-04-20 | N/A |
| Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory. | ||||
| CVE-2017-8281 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. | ||||