Total
8083 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10234 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in the Qualcomm IPA driver. Product: Android. Versions: Android kernel. Android ID: A-34390017. References: QC-CR#1069060. | |||||
| CVE-2016-1000002 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Gnome Display Manager, Leap and 1 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| gdm3 3.14.2 and possibly later has an information leak before screen lock | |||||
| CVE-2016-0715 | 1 Pivotal Software | 1 Cloud Foundry Elastic Runtime | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present. | |||||
| CVE-2016-0708 | 1 Cloudfoundry | 2 Cf-release, Java Buildpack | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue. | |||||
| CVE-2016-0367 | 1 Ibm | 1 Security Identity Manager Virtual Appliance | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 112072. | |||||
| CVE-2016-0366 | 1 Ibm | 1 Security Privileged Identity Manager | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 112071. | |||||
| CVE-2016-0351 | 1 Ibm | 1 Security Identity Manager Virtual Appliance | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID: 111890. | |||||
| CVE-2016-0345 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786. | |||||
| CVE-2016-0343 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784. | |||||
| CVE-2016-0312 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486. | |||||
| CVE-2016-0299 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382. | |||||
| CVE-2016-0286 | 1 Ibm | 1 Tivoli Business Service Manager | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote authenticated users to obtain administrator passwords by leveraging unspecified privileges. BM X-Force ID: 111234. | |||||
| CVE-2016-0275 | 1 Ibm | 1 Financial Transaction Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses. | |||||
| CVE-2016-0237 | 1 Ibm | 1 Security Guardium Database Activity Monitor | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. IBM X-Force ID: 110328. | |||||
| CVE-2016-0205 | 1 Ibm | 1 Cloud Orchestrator | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394. | |||||
| CVE-2015-9547 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding ANR event," or "Crash on an application's native code." The Samsung ID is SVE-2015-2885 (October 2015). | |||||
| CVE-2015-9543 | 1 Openstack | 1 Nova | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. | |||||
| CVE-2015-9492 | 1 Smartit Premium Responsive Project | 1 Smartit Premium Responsive | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ThemeMakers SmartIT Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | |||||
| CVE-2015-9491 | 1 Blessing Premium Responsive Project | 1 Blessing Premium Responsive | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | |||||
| CVE-2015-9490 | 1 Gamestheme Premium Project | 1 Gamestheme Premium | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | |||||