Total
6955 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1342 | 1 Ibm | 1 Insights Foundation For Energy | 2017-12-19 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457. | |||||
CVE-2017-1353 | 1 Ibm | 1 Atlas Ediscovery Process Management | 2017-12-19 | 3.5 LOW | 3.5 LOW |
IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680. | |||||
CVE-2017-1355 | 1 Ibm | 1 Atlas Ediscovery Process Management | 2017-12-19 | 4.3 MEDIUM | 3.7 LOW |
IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682. | |||||
CVE-2017-13149 | 1 Google | 1 Android | 2017-12-19 | 8.5 HIGH | 9.1 CRITICAL |
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. | |||||
CVE-2017-13175 | 1 Google | 1 Android | 2017-12-19 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability in the NVIDIA libwilhelm. Product: Android. Versions: Android kernel. Android ID A-64339309. References: N-CVE-2017-13175. | |||||
CVE-2017-13169 | 1 Google | 1 Android | 2017-12-19 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability in the kernel camera server. Product: Android. Versions: Android kernel. Android ID A-37512375. | |||||
CVE-2017-13150 | 1 Google | 1 Android | 2017-12-19 | 8.5 HIGH | 9.1 CRITICAL |
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. | |||||
CVE-2017-13164 | 1 Google | 1 Android | 2017-12-19 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability in the kernel binder driver. Product: Android. Versions: Android kernel. Android ID A-36007193. | |||||
CVE-2012-2422 | 1 Intuit | 1 Quickbooks | 2017-12-18 | 2.9 LOW | N/A |
Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality. | |||||
CVE-2017-7923 | 1 Hikvision | 116 Ds-2cd2032-i, Ds-2cd2032-i Firmware, Ds-2cd2112-i and 113 more | 2017-12-18 | 4.0 MEDIUM | 8.8 HIGH |
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information. | |||||
CVE-2017-13664 | 1 Ismartalarm | 2 Cubeone, Cubeone Firmware | 2017-12-18 | 5.0 MEDIUM | 9.8 CRITICAL |
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file. | |||||
CVE-2017-13159 | 1 Google | 1 Android | 2017-12-18 | 7.8 HIGH | 7.5 HIGH |
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879772. | |||||
CVE-2017-13157 | 1 Google | 1 Android | 2017-12-18 | 7.8 HIGH | 7.5 HIGH |
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32990341. | |||||
CVE-2017-13158 | 1 Google | 1 Android | 2017-12-18 | 7.8 HIGH | 7.5 HIGH |
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879915. | |||||
CVE-2017-13152 | 1 Google | 1 Android | 2017-12-18 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability in the Android media framework (libmedia drm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62872384. | |||||
CVE-2017-1497 | 1 Ibm | 1 Sterling File Gateway | 2017-12-18 | 4.3 MEDIUM | 3.7 LOW |
IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695. | |||||
CVE-2017-1487 | 1 Ibm | 1 Sterling File Gateway | 2017-12-18 | 4.0 MEDIUM | 6.5 MEDIUM |
IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626. | |||||
CVE-2017-1484 | 1 Ibm | 1 Websphere Commerce | 2017-12-15 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622. | |||||
CVE-2017-17104 | 1 Fiyo | 1 Fiyo Cms | 2017-12-15 | 7.8 HIGH | 7.5 HIGH |
Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/app_theme/libs/check_file.php via $_GET['src'] or $_GET['name']. | |||||
CVE-2017-16369 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a Same Origin Policy security bypass vulnerability, affecting files on the local system, etc. |