Export limit exceeded: 11253 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 24979 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24979 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3338 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491. | ||||
| CVE-2015-1116 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen. | ||||
| CVE-2015-1097 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | ||||
| CVE-2012-1366 | 1 Cisco | 10 Asr 1001, Asr 1002, Asr 1002-x and 7 more | 2025-04-12 | N/A |
| Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544. | ||||
| CVE-2015-1096 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | ||||
| CVE-2015-1094 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | ||||
| CVE-2015-1091 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | ||||
| CVE-2015-1088 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which allows remote attackers to execute arbitrary code via a crafted web site. | ||||
| CVE-2015-1086 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2015-1090 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file. | ||||
| CVE-2015-1064 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process. | ||||
| CVE-2015-1049 | 1 Siemens | 10 Scalance X-200 Series Firmware, Scalance X201-3p Irt Pro, Scalance X201-3pirt and 7 more | 2025-04-12 | N/A |
| The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors. | ||||
| CVE-2015-1047 | 1 Vmware | 1 Vcenter Server | 2025-04-12 | N/A |
| vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message. | ||||
| CVE-2015-1043 | 1 Vmware | 3 Fusion, Player, Workstation | 2025-04-12 | N/A |
| The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors. | ||||
| CVE-2015-1015 | 1 Omron | 3 Cj2h Plc, Cj2m Plc, Cx-programmer | 2025-04-12 | N/A |
| Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file. | ||||
| CVE-2015-1009 | 2 Indusoft, Wonderware | 2 Web Studio, Intouch | 2025-04-12 | N/A |
| Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file. | ||||
| CVE-2015-1089 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | ||||
| CVE-2015-0777 | 2 Linux, Xen | 2 Linux Kernel, Xen | 2025-04-12 | N/A |
| drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors. | ||||
| CVE-2014-3337 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | N/A |
| The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428. | ||||
| CVE-2015-0770 | 1 Cisco | 1 Telepresence Tc Software | 2025-04-12 | N/A |
| CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341. | ||||