Total
8102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0817 | 1 Samba | 1 Samba | 2025-04-11 | 5.0 MEDIUM | N/A |
| Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests. | |||||
| CVE-2012-2854 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process. | |||||
| CVE-2011-4766 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment | |||||
| CVE-2011-3011 | 1 Ca | 1 Arcserve D2d | 2025-04-11 | 5.0 MEDIUM | N/A |
| BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors. | |||||
| CVE-2013-1729 | 2 Apple, Mozilla | 2 Mac Os X, Firefox | 2025-04-11 | 2.6 LOW | N/A |
| The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element. | |||||
| CVE-2011-3814 | 1 K5n | 1 Webcalendar | 2025-04-11 | 5.0 MEDIUM | N/A |
| WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain other files. | |||||
| CVE-2011-3815 | 1 Webidsupport | 1 Webid | 2025-04-11 | 5.0 MEDIUM | N/A |
| WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files. | |||||
| CVE-2011-3821 | 1 Xajax-project | 1 Xajax | 2025-04-11 | 5.0 MEDIUM | N/A |
| xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and certain other files. | |||||
| CVE-2013-2987 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2011-3772 | 1 Php-collab | 1 Phpcollab | 2025-04-11 | 5.0 MEDIUM | N/A |
| phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php and certain other files. | |||||
| CVE-2012-1926 | 1 Opera | 1 Opera Browser | 2025-04-11 | 5.0 MEDIUM | N/A |
| Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. | |||||
| CVE-2013-4183 | 1 Openstack | 1 Cinder | 2025-04-11 | 2.1 LOW | N/A |
| The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-1243 | 2 Google, Studiohitori | 2 Android, Twitrocker2 Android | 2025-04-11 | 5.0 MEDIUM | N/A |
| The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | |||||
| CVE-2011-2492 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux Aus, Enterprise Linux Desktop and 3 more | 2025-04-11 | 1.9 LOW | N/A |
| The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. | |||||
| CVE-2012-5473 | 1 Moodle | 1 Moodle | 2025-04-11 | 4.0 MEDIUM | N/A |
| The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search. | |||||
| CVE-2012-5624 | 3 Canonical, Digia, Qt | 3 Ubuntu Linux, Qt, Qt | 2025-04-11 | 4.3 MEDIUM | N/A |
| The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application. | |||||
| CVE-2013-3972 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | 4.0 MEDIUM | N/A |
| IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2010-0826 | 1 Piotr Roszatycki | 1 Libnss-db | 2025-04-11 | 1.9 LOW | N/A |
| The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. | |||||
| CVE-2013-4044 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2025-04-11 | 4.0 MEDIUM | N/A |
| IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote authenticated users to read application log files via a direct HTTP request. | |||||
| CVE-2013-2164 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | 2.1 LOW | N/A |
| The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. | |||||