Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-200
Total 6955 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-1342 1 Ibm 1 Insights Foundation For Energy 2017-12-19 4.0 MEDIUM 4.3 MEDIUM
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457.
CVE-2017-1353 1 Ibm 1 Atlas Ediscovery Process Management 2017-12-19 3.5 LOW 3.5 LOW
IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680.
CVE-2017-1355 1 Ibm 1 Atlas Ediscovery Process Management 2017-12-19 4.3 MEDIUM 3.7 LOW
IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682.
CVE-2017-13149 1 Google 1 Android 2017-12-19 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.
CVE-2017-13175 1 Google 1 Android 2017-12-19 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the NVIDIA libwilhelm. Product: Android. Versions: Android kernel. Android ID A-64339309. References: N-CVE-2017-13175.
CVE-2017-13169 1 Google 1 Android 2017-12-19 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the kernel camera server. Product: Android. Versions: Android kernel. Android ID A-37512375.
CVE-2017-13150 1 Google 1 Android 2017-12-19 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132.
CVE-2017-13164 1 Google 1 Android 2017-12-19 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the kernel binder driver. Product: Android. Versions: Android kernel. Android ID A-36007193.
CVE-2012-2422 1 Intuit 1 Quickbooks 2017-12-18 2.9 LOW N/A
Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.
CVE-2017-7923 1 Hikvision 116 Ds-2cd2032-i, Ds-2cd2032-i Firmware, Ds-2cd2112-i and 113 more 2017-12-18 4.0 MEDIUM 8.8 HIGH
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information.
CVE-2017-13664 1 Ismartalarm 2 Cubeone, Cubeone Firmware 2017-12-18 5.0 MEDIUM 9.8 CRITICAL
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file.
CVE-2017-13159 1 Google 1 Android 2017-12-18 7.8 HIGH 7.5 HIGH
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879772.
CVE-2017-13157 1 Google 1 Android 2017-12-18 7.8 HIGH 7.5 HIGH
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32990341.
CVE-2017-13158 1 Google 1 Android 2017-12-18 7.8 HIGH 7.5 HIGH
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879915.
CVE-2017-13152 1 Google 1 Android 2017-12-18 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the Android media framework (libmedia drm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62872384.
CVE-2017-1497 1 Ibm 1 Sterling File Gateway 2017-12-18 4.3 MEDIUM 3.7 LOW
IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695.
CVE-2017-1487 1 Ibm 1 Sterling File Gateway 2017-12-18 4.0 MEDIUM 6.5 MEDIUM
IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626.
CVE-2017-1484 1 Ibm 1 Websphere Commerce 2017-12-15 4.0 MEDIUM 4.3 MEDIUM
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622.
CVE-2017-17104 1 Fiyo 1 Fiyo Cms 2017-12-15 7.8 HIGH 7.5 HIGH
Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/app_theme/libs/check_file.php via $_GET['src'] or $_GET['name'].
CVE-2017-16369 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2017-12-15 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a Same Origin Policy security bypass vulnerability, affecting files on the local system, etc.