Search Results (10827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4499 1 Apple 1 Mac Os X 2025-04-12 N/A
The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID credentials in App Store logs, which allows local users to obtain sensitive information by reading a file.
CVE-2014-1908 1 Videowhisper 1 Videowhisper Live Streaming Integration 2025-04-12 N/A
The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
CVE-2014-2000 1 Ntt 1 050 Plus 2025-04-12 N/A
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files.
CVE-2014-2061 2 Jenkins, Redhat 2 Jenkins, Openshift 2025-04-12 N/A
The input control in PasswordParameterDefinition in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to obtain passwords by reading the HTML source code, related to the default value.
CVE-2014-2068 2 Jenkins, Redhat 2 Jenkins, Openshift 2025-04-12 N/A
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump.
CVE-2014-2749 1 Sap 1 Hana 2025-04-12 N/A
The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.
CVE-2014-2719 2 Asus, T-mobile 10 Rt-ac66u Firmware, Rt-ac68u, Rt-ac68u Firmware and 7 more 2025-04-12 N/A
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
CVE-2015-8280 1 Samsung 1 Web Viewer 2025-04-12 N/A
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.
CVE-2014-3667 2 Jenkins, Redhat 2 Jenkins, Openshift 2025-04-12 N/A
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.
CVE-2014-3787 1 Sap 1 Netweaver 2025-04-12 N/A
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
CVE-2014-3679 1 Jenkins-ci 1 Monitoring Plugin 2025-04-12 N/A
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages.
CVE-2014-3680 2 Jenkins, Redhat 2 Jenkins, Openshift 2025-04-12 N/A
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.
CVE-2015-1089 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVE-2015-1090 1 Apple 1 Iphone Os 2025-04-12 N/A
CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file.
CVE-2014-4426 1 Apple 1 Mac Os X 2025-04-12 N/A
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
CVE-2014-4409 1 Apple 1 Iphone Os 2025-04-12 N/A
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
CVE-2014-4403 1 Apple 1 Mac Os X 2025-04-12 N/A
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
CVE-2014-4458 1 Apple 1 Mac Os X 2025-04-12 N/A
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-4460 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
CVE-2015-1096 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.