Export limit exceeded: 366988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 10833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0777 2 Linux, Xen 2 Linux Kernel, Xen 2025-04-12 N/A
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.
CVE-2016-3002 1 Ibm 1 Connections 2025-04-12 N/A
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device.
CVE-2016-6627 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 N/A
An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
CVE-2016-7887 4 Adobe, Apple, Linux and 1 more 4 Coldfusion Builder, Macos, Linux Kernel and 1 more 2025-04-12 7.5 High
Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure.
CVE-2016-7888 1 Adobe 1 Digital Editions 2025-04-12 N/A
Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak.
CVE-2014-2038 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2025-04-12 N/A
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.
CVE-2015-6052 1 Microsoft 3 Internet Explorer, Jscript, Vbscript 2025-04-12 N/A
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."
CVE-2015-6057 1 Microsoft 1 Edge 2025-04-12 N/A
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
CVE-2015-2058 1 Jabberd2 1 Jabberd2 2025-04-12 N/A
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
CVE-2015-3097 2 Adobe, Microsoft 5 Air, Air Sdk, Air Sdk \& Compiler and 2 more 2025-04-12 N/A
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.
CVE-2015-3949 1 Sinapsi 2 Esolar Light, Esolar Light Firmware 2025-04-12 N/A
Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover cleartext passwords by reading the HTML source code of the mail-configuration page.
CVE-2015-3176 1 Moodle 1 Moodle 2025-04-12 N/A
The account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote attackers to obtain sensitive full-name information by attempting to self-register.
CVE-2015-3969 1 Janitza 5 Umg 508, Umg 509, Umg 511 and 2 more 2025-04-12 N/A
Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235.
CVE-2015-3180 1 Moodle 1 Moodle 2025-04-12 N/A
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.
CVE-2015-3720 1 Apple 1 Mac Os X 2025-04-12 N/A
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.
CVE-2015-3721 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
CVE-2015-5430 1 Hp 1 Matrix Operating Environment 2025-04-12 N/A
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-4735 1 Oracle 2 Enterprise Manager Database Control, Enterprise Manager Grid Control 2025-04-12 N/A
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management.
CVE-2015-5448 1 Numara 1 Asset Manager 2025-04-12 N/A
HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors.
CVE-2015-5490 1 Views Project 1 Views 2025-04-12 N/A
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors.