Export limit exceeded: 10198 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10198 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1360 | 1 Cisco | 1 Prime Lan Management Solution | 2025-04-12 | N/A |
| Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390. | ||||
| CVE-2016-1378 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591. | ||||
| CVE-2016-1404 | 1 Cisco | 1 Ucs Invicta C3124sa Appliance | 2025-04-12 | N/A |
| Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by sniffing network traffic to an Autosupport server and leveraging knowledge of this key from another installation, aka Bug ID CSCur85504. | ||||
| CVE-2016-1410 | 1 Cisco | 1 Webex Meeting Center | 2025-04-12 | N/A |
| Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312. | ||||
| CVE-2016-1427 | 1 Cisco | 1 Prime Network Registrar | 2025-04-12 | N/A |
| The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694. | ||||
| CVE-2016-1452 | 1 Cisco | 2 Asr 5000, Asr 5000 Software | 2025-04-12 | N/A |
| Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. | ||||
| CVE-2016-1455 | 1 Cisco | 8 Nexus 93128, Nexus 9396px, Nexus 9396tx and 5 more | 2025-04-12 | N/A |
| Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365. | ||||
| CVE-2016-1473 | 1 Cisco | 1 Small Business 220 Series Smart Plus Switches | 2025-04-12 | N/A |
| Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216. | ||||
| CVE-2016-1477 | 1 Cisco | 1 Connected Streaming Analytics | 2025-04-12 | N/A |
| Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | ||||
| CVE-2016-1484 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. | ||||
| CVE-2016-1489 | 1 Lenovo | 1 Shareit | 2025-04-12 | N/A |
| Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | ||||
| CVE-2016-1490 | 1 Lenovo | 1 Shareit | 2025-04-12 | N/A |
| The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. | ||||
| CVE-2016-1497 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2025-04-12 | N/A |
| The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors. | ||||
| CVE-2016-1499 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-12 | N/A |
| ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php. | ||||
| CVE-2016-1500 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-12 | N/A |
| ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with ".v" and belonging to a sharing user by leveraging an incoming share. | ||||
| CVE-2016-1501 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-12 | N/A |
| ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages. | ||||
| CVE-2016-1526 | 5 Debian, Fedoraproject, Mozilla and 2 more | 6 Debian Linux, Fedora, Firefox and 3 more | 2025-04-12 | N/A |
| The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. | ||||
| CVE-2016-1562 | 1 Dte Energy | 1 Insight | 2025-04-12 | N/A |
| The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. | ||||
| CVE-2016-1563 | 1 Netapp | 1 Clustered Data Ontap | 2025-04-12 | N/A |
| NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-1582 | 1 Canonical | 2 Lxd, Ubuntu Linux | 2025-04-12 | N/A |
| LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors. | ||||