Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4826 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2019-10-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647. | |||||
| CVE-2013-4832 | 1 Hp | 1 Service Manager | 2019-10-09 | 4.0 MEDIUM | N/A |
| HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-2322 | 1 Hp | 1 Nonstop Sql\/mx | 2019-10-09 | 3.5 LOW | N/A |
| HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue. | |||||
| CVE-2012-5222 | 2 Hp, Microsoft | 2 Service Manager Web Tier, Windows | 2019-10-09 | 5.0 MEDIUM | N/A |
| HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-3249 | 1 Hp | 1 Fortify Software Security Center | 2019-10-09 | 4.0 MEDIUM | N/A |
| HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2019-10-09 | 2.1 LOW | 5.5 MEDIUM |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | |||||
| CVE-2010-3284 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2008-4560 | 1 Hp | 1 Openview Network Node Manager | 2019-10-09 | 7.8 HIGH | N/A |
| HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2007-0778 | 3 Canonical, Debian, Mozilla | 4 Ubuntu Linux, Debian Linux, Firefox and 1 more | 2019-10-09 | 5.4 MEDIUM | N/A |
| The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache. | |||||
| CVE-2018-19976 | 1 Virustotal | 1 Yara | 2019-10-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine. | |||||
| CVE-2018-7251 | 1 Anchorcms | 1 Anchor | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred. | |||||
| CVE-2017-18322 | 1 Qualcomm | 62 Mdm9206, Mdm9206 Firmware, Mdm9607 and 59 more | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
| Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. | |||||
| CVE-2017-17476 | 2 Debian, Otrs | 2 Debian Linux, Otrs | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email. | |||||
| CVE-2018-12027 | 1 Phusion | 1 Passenger | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
| An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket. | |||||
| CVE-2017-15852 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver. | |||||
| CVE-2017-0738 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371. | |||||
| CVE-2018-19962 | 3 Citrix, Debian, Xen | 3 Xenserver, Debian Linux, Xen | 2019-10-02 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. | |||||
| CVE-2018-1000145 | 1 Jenkins | 1 Perforce | 2019-10-02 | 5.0 MEDIUM | 6.5 MEDIUM |
| An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them. | |||||
| CVE-2018-16705 | 1 Furuno | 4 Felcom 250, Felcom 250 Firmware, Felcom 500 and 1 more | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
| FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system's usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext. | |||||
| CVE-2018-15594 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
| arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. | |||||