Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4766 | 1 Eucalyptus | 1 Eucalyptus | 2013-09-18 | 4.3 MEDIUM | N/A |
| The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component. | |||||
| CVE-2013-1030 | 1 Apple | 1 Mac Os X | 2013-09-18 | 2.1 LOW | N/A |
| mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2013-3597 | 1 Searchblox | 1 Searchblox | 2013-09-05 | 5.0 MEDIUM | N/A |
| servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action. | |||||
| CVE-2013-4272 | 2 Botcha Spam Prevention Project, Drupal | 2 Botcha, Drupal | 2013-09-05 | 4.3 MEDIUM | N/A |
| The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x before 7.x-2.1, and 7.x-3.x before 7.x-3.3 for Drupal, when the debugging level is set to 5 or 6, logs the content of submitted forms, which allows context-dependent users to obtain sensitive information such as usernames and passwords by reading the log file. | |||||
| CVE-2012-6502 | 1 Microsoft | 1 Internet Explorer | 2013-09-03 | 2.6 LOW | N/A |
| Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence. | |||||
| CVE-2007-4656 | 1 Backup Manager | 1 Backup Manager | 2013-08-27 | 2.1 LOW | N/A |
| backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username, and password as plaintext command line arguments during FTP uploads, which allows local users to obtain sensitive information by listing the process and its arguments, a different vulnerability than CVE-2007-2766. | |||||
| CVE-2008-0993 | 1 Apple | 3 Mac Os X, Mac Os X Server, Podcast Producer | 2013-08-26 | 2.1 LOW | N/A |
| Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | |||||
| CVE-2011-3755 | 1 Mantisbt | 1 Mantisbt | 2013-08-26 | 5.0 MEDIUM | N/A |
| MantisBT 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by view_all_inc.php and certain other files. | |||||
| CVE-2013-3823 | 1 Oracle | 1 Supply Chain Products Suite | 2013-08-21 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2013-4778 | 1 Siemens | 2 Enterprise Openscape Branch, Openscape Session Border Controller | 2013-08-21 | 7.8 HIGH | N/A |
| core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to obtain sensitive server and statistics information via unspecified vectors. | |||||
| CVE-2013-4780 | 1 Siemens | 2 Enterprise Openscape Branch, Openscape Session Border Controller | 2013-08-21 | 7.8 HIGH | N/A |
| core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-6547 | 1 Linux | 1 Linux Kernel | 2013-08-21 | 1.9 LOW | N/A |
| The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | |||||
| CVE-2012-6549 | 1 Linux | 1 Linux Kernel | 2013-08-21 | 1.9 LOW | N/A |
| The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. | |||||
| CVE-2012-3519 | 1 Tor | 1 Tor | 2013-08-21 | 5.0 MEDIUM | N/A |
| routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack. | |||||
| CVE-2012-3749 | 1 Apple | 1 Iphone Os | 2013-08-16 | 5.0 MEDIUM | N/A |
| The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app. | |||||
| CVE-2013-4678 | 1 Symantec | 1 Backup Exec | 2013-08-09 | 2.7 LOW | N/A |
| The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors. | |||||
| CVE-2013-3442 | 1 Cisco | 1 Unified Communications Manager | 2013-08-05 | 4.0 MEDIUM | N/A |
| The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854. | |||||
| CVE-2013-0943 | 1 Emc | 1 Networker | 2013-07-31 | 4.6 MEDIUM | N/A |
| EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. | |||||
| CVE-2013-4998 | 1 Phpmyadmin | 1 Phpmyadmin | 2013-07-31 | 5.0 MEDIUM | N/A |
| phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files. | |||||
| CVE-2013-5000 | 1 Phpmyadmin | 1 Phpmyadmin | 2013-07-31 | 5.0 MEDIUM | N/A |
| phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files. | |||||