Export limit exceeded: 10826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10826 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6495 | 1 Netapp | 1 Data Ontap | 2025-04-20 | N/A |
| NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access. | ||||
| CVE-2016-5813 | 1 Visonic | 2 Powerlink2, Powerlink2 Firmware | 2025-04-20 | N/A |
| An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE). | ||||
| CVE-2016-5810 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. | ||||
| CVE-2016-5786 | 1 Omnimetrix | 1 Omniview | 2025-04-20 | N/A |
| An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials. | ||||
| CVE-2013-5653 | 3 Artifex, Debian, Redhat | 3 Afpl Ghostscript, Debian Linux, Enterprise Linux | 2025-04-20 | N/A |
| The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file. | ||||
| CVE-2016-5757 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. | ||||
| CVE-2016-5754 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2. | ||||
| CVE-2015-3277 | 1 Mod Nss Project | 1 Mod Nss | 2025-04-20 | N/A |
| The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring. | ||||
| CVE-2016-5752 | 1 Netiq | 1 Access Manager | 2025-04-20 | N/A |
| The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester. | ||||
| CVE-2015-3250 | 1 Apache | 1 Directory Ldap Api | 2025-04-20 | N/A |
| Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors. | ||||
| CVE-2016-5614 | 1 Oracle | 1 Flexcube Private Banking | 2025-04-20 | N/A |
| Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Private Banking. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Private Banking accessible data. CVSS v3.0 Base Score 4.3 (Confidentiality impacts). | ||||
| CVE-2016-6117 | 1 Ibm | 1 Security Key Lifecycle Manager | 2025-04-20 | N/A |
| IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed with active debugging code that can disclose sensitive information. | ||||
| CVE-2016-5076 | 1 Cloudviewnms | 1 Cloudview Nms | 2025-04-20 | N/A |
| CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def. | ||||
| CVE-2016-5059 | 1 Osram | 1 Lightify Pro | 2025-04-20 | N/A |
| OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | ||||
| CVE-2016-5051 | 1 Osram | 1 Lightify Home | 2025-04-20 | N/A |
| OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. | ||||
| CVE-2016-5045 | 1 Netapp | 1 Oncommand System Manager | 2025-04-20 | N/A |
| NetApp OnCommand System Manager before 9.0 allows remote attackers to obtain sensitive credentials via vectors related to cluster peering setup. | ||||
| CVE-2016-5014 | 1 Moodle | 1 Moodle | 2025-04-20 | N/A |
| In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course. | ||||
| CVE-2016-5012 | 1 Moodle | 1 Moodle | 2025-04-20 | N/A |
| In Moodle 3.x, glossary search displays entries without checking user permissions to view them. | ||||
| CVE-2016-5006 | 1 Pivotal Software | 2 Cloud Foundry, Cloud Foundry Elastic Runtime | 2025-04-20 | N/A |
| The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors. | ||||
| CVE-2016-5001 | 1 Apache | 1 Hadoop | 2025-04-20 | N/A |
| This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing certain fields in the token. | ||||