Export limit exceeded: 23574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 10826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10826 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-1094 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.
CVE-2014-4356 1 Apple 1 Iphone Os 2025-04-12 N/A
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.
CVE-2014-4357 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log.
CVE-2014-4361 1 Apple 1 Iphone Os 2025-04-12 N/A
The Home & Lock Screen subsystem in Apple iOS before 8 does not properly restrict the private API for app prominence, which allows attackers to determine the frontmost app by leveraging access to a crafted background app.
CVE-2014-4426 1 Apple 1 Mac Os X 2025-04-12 N/A
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
CVE-2014-4409 1 Apple 1 Iphone Os 2025-04-12 N/A
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
CVE-2014-4403 1 Apple 1 Mac Os X 2025-04-12 N/A
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
CVE-2014-4458 1 Apple 1 Mac Os X 2025-04-12 N/A
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-4460 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
CVE-2014-5213 1 Novell 1 Edirectory 2025-04-12 N/A
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
CVE-2014-5215 1 Microfocus 1 Access Manager 2025-04-12 N/A
NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.
CVE-2014-5233 2 Apple, Siemens 2 Iphone Os, Simatic Wincc Sm\@rtclient 2025-04-12 N/A
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism.
CVE-2015-1106 1 Apple 1 Iphone Os 2025-04-12 N/A
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically proximate attackers to discover passcodes by reading the lock screen during use of a Bluetooth keyboard.
CVE-2015-1108 1 Apple 1 Iphone Os 2025-04-12 N/A
The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses.
CVE-2014-5341 1 Owncloud 1 Owncloud 2025-04-12 N/A
The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-5351 1 Mit 1 Kerberos 5 2025-04-12 N/A
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
CVE-2014-5377 1 Manageengine 1 Device Expert 2025-04-12 N/A
ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user account credentials via a direct request.
CVE-2015-1109 1 Apple 1 Iphone Os 2025-04-12 N/A
NetworkExtension in Apple iOS before 8.3 stores credentials in VPN configuration logs, which makes it easier for physically proximate attackers to obtain sensitive information by reading a log file.
CVE-2015-0757 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140.
CVE-2015-0922 1 Mcafee 1 Epolicy Orchestrator 2025-04-12 N/A
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.