Export limit exceeded: 349406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 25300 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25300 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2131 | 1 Panasonic | 2 Kx-hjb1000, Kx-hjb1000 Firmware | 2025-04-20 | N/A |
| Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors. | ||||
| CVE-2016-4844 | 1 Cybozu | 1 Mailwise | 2025-04-20 | N/A |
| Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks. | ||||
| CVE-2017-2109 | 1 Cybozu | 1 Kunai | 2025-04-20 | N/A |
| Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application. | ||||
| CVE-2017-9812 | 1 Kaspersky | 1 Anti-virus For Linux Server | 2025-04-20 | N/A |
| The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges. | ||||
| CVE-2017-2105 | 1 Presentcast Inc | 1 Tver | 2025-04-20 | N/A |
| The TVer App for Android 3.2.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-7495 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-20 | N/A |
| fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file. | ||||
| CVE-2016-4898 | 1 Novastor | 1 Novabackup Datacenter | 2025-04-20 | N/A |
| The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | ||||
| CVE-2016-4899 | 1 Novastor | 1 Novabackup Datacenter | 2025-04-20 | N/A |
| The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | ||||
| CVE-2017-7488 | 2 Authconfig Project, Redhat | 2 Authconfig, Enterprise Linux | 2025-04-20 | N/A |
| Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames. | ||||
| CVE-2016-4927 | 1 Juniper | 1 Junos Space | 2025-04-20 | N/A |
| Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices. | ||||
| CVE-2016-4947 | 1 Cloudera | 1 Hue | 2025-04-20 | N/A |
| Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete. | ||||
| CVE-2016-4949 | 1 Cloudera | 1 Manager | 2025-04-20 | N/A |
| Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a (1) stderr.log or (2) stdout.log value in the filename parameter to /cmf/process/<process_id>/logs. | ||||
| CVE-2016-4950 | 1 Cloudera | 1 Manager | 2025-04-20 | N/A |
| Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions. | ||||
| CVE-2017-2104 | 1 K-opticom Corporation | 1 Business Lala Call | 2025-04-20 | N/A |
| The Business LaLa Call App for Android 1.4.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-7486 | 2 Postgresql, Redhat | 5 Postgresql, Enterprise Linux, Network Satellite and 2 more | 2025-04-20 | N/A |
| PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. | ||||
| CVE-2016-4976 | 1 Apache | 1 Ambari | 2025-04-20 | N/A |
| Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing. | ||||
| CVE-2017-7186 | 2 Pcre, Redhat | 3 Pcre, Pcre2, Jboss Core Services | 2025-04-20 | N/A |
| libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. | ||||
| CVE-2016-4992 | 1 Redhat | 5 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 2 more | 2025-04-20 | N/A |
| 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects. | ||||
| CVE-2017-7183 | 1 Extraputty | 1 Extraputty | 2025-04-20 | N/A |
| The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message. | ||||
| CVE-2017-15324 | 1 Huawei | 4 S5700, S5700 Firmware, S6700 and 1 more | 2025-04-20 | N/A |
| Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart. | ||||