Export limit exceeded: 364785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 26334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26334 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-3621 | 1 Sap | 1 Enterprise Central Component | 2025-04-12 | N/A |
| Untrusted search path vulnerability in SAP Enterprise Central Component (ECC) allows local users to gain privileges via a Trojan horse program. | ||||
| CVE-2015-3676 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app. | ||||
| CVE-2015-8488 | 1 Cybozu | 1 Office | 2025-04-12 | N/A |
| Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a different vulnerability than CVE-2015-8487. | ||||
| CVE-2015-3646 | 2 Openstack, Oracle | 2 Keystone, Solaris | 2025-04-12 | N/A |
| OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs. | ||||
| CVE-2015-3711 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | ||||
| CVE-2015-3690 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | ||||
| CVE-2016-0701 | 1 Openssl | 1 Openssl | 2025-04-12 | N/A |
| The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file. | ||||
| CVE-2015-0680 | 1 Cisco | 1 Unified Callmanager | 2025-04-12 | N/A |
| Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439. | ||||
| CVE-2015-1103 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet. | ||||
| CVE-2015-3720 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. | ||||
| CVE-2016-0385 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | N/A |
| Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-0381 | 1 Ibm | 1 Cognos Tm1 | 2025-04-12 | N/A |
| IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty, allows remote authenticated users to cause a denial of service (configuration outage) via a non-empty value. | ||||
| CVE-2015-4543 | 1 Emc | 1 Rsa Archer Grc | 2025-04-12 | N/A |
| EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances, which allows remote authenticated users to obtain sensitive information by reading database fields. | ||||
| CVE-2016-0378 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | N/A |
| IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when the installation lacks a default error page, allows remote attackers to obtain sensitive information by triggering an exception. | ||||
| CVE-2016-9452 | 1 Drupal | 1 Drupal | 2025-04-12 | N/A |
| The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL. | ||||
| CVE-2015-0620 | 1 Cisco | 1 Telepresence Management Suite | 2025-04-12 | N/A |
| The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494. | ||||
| CVE-2016-9437 | 1 Tats | 1 W3m | 2025-04-12 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page. | ||||
| CVE-2016-9433 | 1 Tats | 1 W3m | 2025-04-12 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page. | ||||
| CVE-2016-9432 | 1 Tats | 1 W3m | 2025-04-12 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page. | ||||
| CVE-2016-9430 | 1 Tats | 1 W3m | 2025-04-12 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||