Export limit exceeded: 10604 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10604 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7577 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "FaceTime" component, which allows remote attackers to trigger memory corruption and obtain audio data from a call that appeared to have ended. | ||||
| CVE-2016-6887 | 1 Matrixssl | 1 Matrixssl | 2025-04-20 | N/A |
| The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack. | ||||
| CVE-2016-6820 | 1 Netapp | 1 Metrocluster Tiebreaker | 2025-04-20 | N/A |
| MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user. | ||||
| CVE-2016-5988 | 1 Ibm | 1 Security Privileged Identity Manager | 2025-04-20 | N/A |
| IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user. | ||||
| CVE-2016-5938 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. | ||||
| CVE-2016-5935 | 1 Ibm | 2 Dashboard Application Services Hub, Jazz For Service Management | 2025-04-20 | N/A |
| IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | ||||
| CVE-2016-5896 | 1 Ibm | 6 Maximo Asset Management, Maximo For Aviation, Maximo For Life Sciences and 3 more | 2025-04-20 | N/A |
| IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser. | ||||
| CVE-2016-5894 | 1 Ibm | 1 Websphere Commerce | 2025-04-20 | N/A |
| IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408. | ||||
| CVE-2016-5893 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336. | ||||
| CVE-2016-5855 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. | ||||
| CVE-2016-5854 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | ||||
| CVE-2016-5813 | 1 Visonic | 2 Powerlink2, Powerlink2 Firmware | 2025-04-20 | N/A |
| An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE). | ||||
| CVE-2016-5810 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. | ||||
| CVE-2015-5187 | 1 Candlepinproject | 1 Candlepin | 2025-04-20 | N/A |
| Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. | ||||
| CVE-2016-5786 | 1 Omnimetrix | 1 Omniview | 2025-04-20 | N/A |
| An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials. | ||||
| CVE-2016-5757 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. | ||||
| CVE-2016-5754 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2. | ||||
| CVE-2016-5752 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester. | ||||
| CVE-2016-4976 | 1 Apache | 1 Ambari | 2025-04-20 | N/A |
| Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing. | ||||
| CVE-2016-4950 | 1 Cloudera | 1 Manager | 2025-04-20 | N/A |
| Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions. | ||||