Export limit exceeded: 10366 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10366 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4804 | 1 Google | 1 Android | 2025-04-11 | N/A |
| The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/. | ||||
| CVE-2012-0316 | 1 Cookpad | 2 Android Activities, Android Mykitchen | 2025-04-11 | N/A |
| The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | ||||
| CVE-2012-1873 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability." | ||||
| CVE-2013-3597 | 1 Searchblox | 1 Searchblox | 2025-04-11 | N/A |
| servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action. | ||||
| CVE-2010-4611 | 1 Html-edit | 1 Html-edit Cms | 2025-04-11 | N/A |
| Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request to (1) pages.php and (2) menu.php in includes/core_files and (3) extensions/login/frontend/pages/antihacker.php, which reveals the installation path in an error message. | ||||
| CVE-2010-4600 | 2 Dojofoundation, Ibm | 2 Dojo Toolkit, Rational Clearquest | 2025-04-11 | N/A |
| Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue. | ||||
| CVE-2010-4525 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Virtualization | 2025-04-11 | N/A |
| Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via unspecified vectors. | ||||
| CVE-2012-3034 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-11 | N/A |
| WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. | ||||
| CVE-2012-5652 | 1 Drupal | 1 Drupal | 2025-04-11 | N/A |
| Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result. | ||||
| CVE-2009-5101 | 1 Pentaho | 1 Bi Server | 2025-04-11 | N/A |
| Pentaho BI Server 1.7.0.1062 and earlier includes the session ID (JSESSIONID) in the URL, which allows attackers to obtain it from session history, referer headers, or sniffing of web traffic. | ||||
| CVE-2011-0376 | 1 Cisco | 7 Telepresence System 1000, Telepresence System 1100, Telepresence System 1300 Series and 4 more | 2025-04-11 | N/A |
| The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. | ||||
| CVE-2012-4255 | 1 Mysqldumper | 1 Mysqldumper | 2025-04-11 | N/A |
| MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message. | ||||
| CVE-2012-4254 | 1 Mysqldumper | 1 Mysqldumper | 2025-04-11 | N/A |
| MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php. | ||||
| CVE-2012-4219 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | N/A |
| show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file. | ||||
| CVE-2012-2474 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | N/A |
| Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278. | ||||
| CVE-2012-3838 | 1 Babygekko | 1 Baby Gekko | 2025-04-11 | N/A |
| Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php. | ||||
| CVE-2012-2635 | 2 Dolphin-browser, Google | 3 Dolphin Browser Hd, Dolphin For Pad, Android | 2025-04-11 | N/A |
| The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | ||||
| CVE-2011-1687 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote authenticated users to obtain sensitive information by using the search interface, as demonstrated by retrieving encrypted passwords. | ||||
| CVE-2012-3829 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header. | ||||
| CVE-2012-2646 | 1 Fenrir-inc | 1 Sleipnir Mobile | 2025-04-11 | N/A |
| The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | ||||