Export limit exceeded: 367101 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8492 | 1 Fortinet | 1 Fortios | 2025-04-20 | N/A |
| The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption. | ||||
| CVE-2016-8230 | 1 Lenovo | 1 Lenovo Service Bridge | 2025-04-20 | N/A |
| In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers. | ||||
| CVE-2017-0533 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32509422. References: QC-CR#1088206. | ||||
| CVE-2016-8722 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2025-04-20 | 5.3 Medium |
| An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. | ||||
| CVE-2016-8724 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2025-04-20 | 5.3 Medium |
| An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. | ||||
| CVE-2016-8725 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2025-04-20 | 5.3 Medium |
| An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. | ||||
| CVE-2016-8727 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2025-04-20 | N/A |
| An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. | ||||
| CVE-2016-8741 | 1 Apache | 1 Qpid Broker-j | 2025-04-20 | 7.5 High |
| The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256. | ||||
| CVE-2016-8757 | 1 Huawei | 2 P9, P9 Firmware | 2025-04-20 | N/A |
| ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. | ||||
| CVE-2017-0585 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953. | ||||
| CVE-2016-8925 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2025-04-20 | N/A |
| IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538. | ||||
| CVE-2016-8926 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2025-04-20 | N/A |
| IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539. | ||||
| CVE-2016-8923 | 1 Ibm | 1 Curam Social Program Management | 2025-04-20 | N/A |
| IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that they should not have access to. IBM X-Force ID: 118536. | ||||
| CVE-2016-8940 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946. | ||||
| CVE-2016-8939 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. IBM X-Force ID: 118790. | ||||
| CVE-2016-8964 | 1 Ibm | 2 Bigfix Inventory, License Metric Tool | 2025-04-20 | N/A |
| IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853. | ||||
| CVE-2016-8977 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2025-04-20 | N/A |
| IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system. | ||||
| CVE-2016-4341 | 1 Netapp | 1 Clustered Data Ontap | 2025-04-20 | N/A |
| NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. | ||||
| CVE-2016-9107 | 1 Otr | 1 Gajim-otr | 2025-04-20 | N/A |
| The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2017-12361 | 1 Cisco | 1 Jabber | 2025-04-20 | N/A |
| A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806. | ||||