Total
7894 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0843 | 2 Debian, Uzbl | 2 Debian Linux, Uzbl | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| uzbl: Information disclosure via world-readable cookies storage file | |||||
| CVE-2012-0842 | 2 Debian, Suckless | 2 Debian Linux, Surf | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| surf: cookie jar has read access from other local user | |||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | |||||
| CVE-2012-0046 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mediawiki allows deleted text to be exposed | |||||
| CVE-2011-5282 | 1 Mirc | 1 Mirc | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled. | |||||
| CVE-2011-4972 | 1 Ckeditor | 1 Ckeditor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. | |||||
| CVE-2011-4937 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | |||||
| CVE-2011-4919 | 1 Mpack Project | 1 Mpack | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mpack 1.6 has information disclosure via eavesdropping on mails sent by other users | |||||
| CVE-2011-4916 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | |||||
| CVE-2011-4915 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. | |||||
| CVE-2011-4901 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. | |||||
| CVE-2011-4900 | 2 Debian, Typo3 | 2 Debian Linux, Typo3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.5.4 allows Information Disclosure in the backend. | |||||
| CVE-2011-4627 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend. | |||||
| CVE-2011-4538 | 1 Lexmark | 66 C540, C540 Firmware, C543 and 63 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings. | |||||
| CVE-2011-4088 | 3 Abrt Project, Fedoraproject, Redhat | 5 Abrt, Fedora, Enterprise Linux Desktop and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ABRT might allow attackers to obtain sensitive information from crash reports. | |||||
| CVE-2011-4076 | 1 Openstack | 1 Nova | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY. | |||||
| CVE-2011-3901 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Android SQLite Journal before 4.0.1 has an information disclosure vulnerability. | |||||
| CVE-2011-3613 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled. | |||||
| CVE-2011-3269 | 1 Lexmark | 168 25xxn, 25xxn Firmware, 6500e and 165 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut. | |||||
| CVE-2011-3147 | 1 Openstack | 1 Nova | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem. | |||||