Export limit exceeded: 10833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-5752 1 Netiq 1 Access Manager 2025-04-20 N/A
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester.
CVE-2016-5754 1 Netiq 1 Access Manager 2025-04-20 N/A
Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2.
CVE-2016-5757 1 Netiq 1 Access Manager 2025-04-20 N/A
iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials.
CVE-2016-5786 1 Omnimetrix 1 Omniview 2025-04-20 N/A
An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials.
CVE-2016-5810 1 Advantech 1 Webaccess 2025-04-20 N/A
upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors.
CVE-2016-5813 1 Visonic 2 Powerlink2, Powerlink2 Firmware 2025-04-20 N/A
An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. When a specific URL to an image is accessed, the downloaded image carries with it source code used in the web server (INFORMATION EXPOSURE).
CVE-2016-5854 1 Google 1 Android 2025-04-20 N/A
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.
CVE-2016-5855 1 Google 1 Android 2025-04-20 N/A
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.
CVE-2016-5858 1 Google 1 Android 2025-04-20 N/A
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
CVE-2016-5893 1 Ibm 1 Sterling B2b Integrator 2025-04-20 N/A
IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.
CVE-2016-5894 1 Ibm 1 Websphere Commerce 2025-04-20 N/A
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.
CVE-2016-5896 1 Ibm 6 Maximo Asset Management, Maximo For Aviation, Maximo For Life Sciences and 3 more 2025-04-20 N/A
IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.
CVE-2016-5900 1 Ibm 1 Tealeaf Customer Experience On Cloud Network Capture Add-on 2025-04-20 N/A
IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVE-2016-5918 2 Ibm, Microsoft 2 Tivoli Storage Manager For Space Management, Windows 2025-04-20 N/A
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
CVE-2016-5935 1 Ibm 2 Dashboard Application Services Hub, Jazz For Service Management 2025-04-20 N/A
IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVE-2016-5938 1 Ibm 1 Kenexa Lms 2025-04-20 N/A
IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system.
CVE-2017-11051 1 Google 1 Android 2025-04-20 N/A
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero.
CVE-2017-1110 1 Ibm 1 Curam Social Program Management 2025-04-20 N/A
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. IBM X-Force ID: 120915.
CVE-2017-11122 2 Apple, Broadcom 4 Iphone Os, Tvos, Bcm4355c0 and 1 more 2025-04-20 N/A
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
CVE-2017-11145 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-20 N/A
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist.