Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8032 | 1 Cisco | 1 Webex Meetings Server | 2017-09-07 | 4.0 MEDIUM | N/A |
| The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449. | |||||
| CVE-2014-8035 | 1 Cisco | 1 Webex Meetings Server | 2017-09-07 | 5.0 MEDIUM | N/A |
| The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247. | |||||
| CVE-2014-8068 | 1 Adobe | 1 Digital Editions | 2017-09-07 | 5.0 MEDIUM | N/A |
| Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information. | |||||
| CVE-2014-8520 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-09-07 | 5.0 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports. | |||||
| CVE-2014-8525 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-09-07 | 5.0 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | |||||
| CVE-2014-8536 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-09-07 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. | |||||
| CVE-2014-8537 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-09-07 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. | |||||
| CVE-2014-8637 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-07 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element. | |||||
| CVE-2014-8709 | 1 Linux | 1 Linux Kernel | 2017-09-07 | 5.0 MEDIUM | N/A |
| The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. | |||||
| CVE-2014-8832 | 1 Apple | 1 Mac Os X | 2017-09-07 | 4.9 MEDIUM | N/A |
| The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive. | |||||
| CVE-2014-8834 | 1 Apple | 1 Mac Os X | 2017-09-07 | 2.1 LOW | N/A |
| UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document's password in a printing preference file, which allows local users to obtain sensitive information by reading a file. | |||||
| CVE-2014-8839 | 1 Apple | 1 Mac Os X | 2017-09-07 | 5.0 MEDIUM | N/A |
| Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL. | |||||
| CVE-2014-9018 | 1 Icecast | 1 Icecast | 2017-09-07 | 5.0 MEDIUM | N/A |
| Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors. | |||||
| CVE-2014-9177 | 1 Svnlabs | 1 Html5 Mp3 Player With Playlist Free | 2017-09-07 | 5.0 MEDIUM | N/A |
| The HTML5 MP3 Player with Playlist Free plugin before 2.7 for WordPress allows remote attackers to obtain the installation path via a request to html5plus/playlist.php. | |||||
| CVE-2014-9483 | 1 Gnu | 1 Emacs | 2017-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| Emacs 24.4 allows remote attackers to bypass security restrictions. | |||||
| CVE-2015-5959 | 1 Froxlor | 1 Froxlor | 2017-09-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log. | |||||
| CVE-2015-3454 | 1 Vulcanjs | 1 Vulcan | 2017-09-07 | 5.0 MEDIUM | 7.5 HIGH |
| TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack. | |||||
| CVE-2016-2969 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850. | |||||
| CVE-2016-2971 | 1 Ibm | 1 Sametime | 2017-09-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898. | |||||
| CVE-2017-14053 | 1 Netapp | 1 Oncommand Unified Manager For Clustered Data Ontap | 2017-09-06 | 5.0 MEDIUM | 7.5 HIGH |
| NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | |||||