Export limit exceeded: 10837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10837 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-6830 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 N/A
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha.
CVE-2015-6843 1 Emc 1 Sourceone Email Supervisor 2025-04-12 N/A
Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authenticate, which makes it easier for remote attackers to obtain access via a brute-force approach.
CVE-2015-6847 1 Emc 1 Vplex Geosynchrony 2025-04-12 N/A
The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file.
CVE-2015-6852 1 Emc 1 Secure Remote Services 2025-04-12 N/A
Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.
CVE-2015-6858 1 Hp 1 Insight Management 2025-04-12 N/A
HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-6862 1 Hp 1 Ucmdb Browser 2025-04-12 N/A
HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
CVE-2014-3398 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.
CVE-2015-7776 1 Cybozu 1 Garoon 2025-04-12 N/A
Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196.
CVE-2015-7787 1 Asus 2 Wl-330nul, Wl-330nul Firmware 2025-04-12 N/A
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors.
CVE-2014-3400 1 Cisco 1 Webex Meetings Server 2025-04-12 N/A
Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344.
CVE-2015-7827 3 Botan Project, Debian, Fedoraproject 3 Botan, Debian Linux, Fedora 2025-04-12 N/A
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
CVE-2015-7836 1 Siemens 1 Ruggedcom Rugged Operating System 2025-04-12 N/A
Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.
CVE-2016-9284 1 Exponentcms 1 Exponent Cms 2025-04-12 N/A
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string.
CVE-2015-7859 1 Joomla 1 Joomla\! 2025-04-12 N/A
The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-3410 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860.
CVE-2015-7884 1 Linux 1 Linux Kernel 2025-04-12 N/A
The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
CVE-2015-7885 1 Linux 1 Linux Kernel 2025-04-12 N/A
The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
CVE-2015-7886 1 Netapp 1 Data Ontap 2025-04-12 N/A
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.
CVE-2015-7900 1 Infinite Automation Systems 1 Mango Automation 2025-04-12 N/A
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page.
CVE-2015-7902 1 Infinite Automation Systems 1 Mango Automation 2025-04-12 N/A
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests.