Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8952 | 1 Hp | 1 Sitescope | 2018-03-06 | 5.0 MEDIUM | 7.5 HIGH |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | |||||
| CVE-2017-8951 | 1 Hp | 1 Sitescope | 2018-03-06 | 4.6 MEDIUM | 7.8 HIGH |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | |||||
| CVE-2017-8950 | 1 Hp | 1 Sitescope | 2018-03-06 | 2.1 LOW | 5.5 MEDIUM |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | |||||
| CVE-2017-5795 | 1 Hp | 1 Intelligent Management Center | 2018-03-06 | 7.1 HIGH | 6.5 MEDIUM |
| A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found. | |||||
| CVE-2016-8514 | 1 Hp | 1 Version Control Repository Manager | 2018-03-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6. | |||||
| CVE-2018-6293 | 1 Hyland | 1 Saperion Web Client | 2018-03-06 | 5.0 MEDIUM | 7.5 HIGH |
| Arbitrary File Read in Saperion Web Client version 7.5.2 83166. | |||||
| CVE-2017-5785 | 1 Hp | 1 Matrix Operating Environment | 2018-03-05 | 6.4 MEDIUM | 6.5 MEDIUM |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-14494 | 5 Canonical, Debian, Novell and 2 more | 7 Ubuntu Linux, Debian Linux, Leap and 4 more | 2018-03-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | |||||
| CVE-2017-12723 | 1 Smiths-medical | 1 Medfusion 4000 Wireless Syringe Infusion Pump | 2018-03-02 | 4.3 MEDIUM | 3.7 LOW |
| A Password in Configuration File issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump stores some passwords in the configuration file, which are accessible if the pump is configured to allow external communications. | |||||
| CVE-2016-8531 | 1 Hp | 1 Matrix Operating Environment | 2018-03-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2018-6596 | 2 Debian, Django-anymail Project | 2 Debian Linux, Django-anymail | 2018-03-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events. | |||||
| CVE-2017-13246 | 1 Google | 1 Android | 2018-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469. | |||||
| CVE-2017-13243 | 1 Google | 1 Android | 2018-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991. | |||||
| CVE-2018-6610 | 1 Jlike Project | 1 Jlike | 2018-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request. | |||||
| CVE-2018-6460 | 1 Anchorfree | 1 Hotspot Shield | 2018-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine, including whether the user is connected to a VPN, to which VPN he/she is connected, and what is their real IP address. | |||||
| CVE-2018-1192 | 1 Pivotal Software | 4 Cloud Foundry Cf-deployment, Cloud Foundry Cf-release, Cloud Foundry Uaa and 1 more | 2018-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user. | |||||
| CVE-2017-1785 | 1 Ibm | 1 Api Connect | 2018-02-26 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859. | |||||
| CVE-2013-4317 | 1 Apache | 1 Cloudstack | 2018-02-26 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own. | |||||
| CVE-2017-8980 | 1 Hp | 1 Intelligent Management Center | 2018-02-26 | 5.0 MEDIUM | 7.5 HIGH |
| A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | |||||
| CVE-2012-3331 | 1 Ibm | 1 Sametime | 2018-02-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. | |||||