Export limit exceeded: 10761 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10761 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-9951 1 Google 1 Android 2025-04-20 N/A
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist.
CVE-2016-3995 1 Cryptopp 1 Crypto\+\+ 2025-04-20 N/A
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.
CVE-2016-3996 1 Samsung 1 Knox 2025-04-20 N/A
ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.
CVE-2017-7890 2 Php, Redhat 3 Php, Enterprise Linux, Rhel Software Collections 2025-04-20 N/A
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.
CVE-2016-4042 1 Plone 1 Plone 2025-04-20 N/A
Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.
CVE-2014-9970 2 Jasypt Project, Redhat 8 Jasypt, Enterprise Linux, Jboss Bpms and 5 more 2025-04-20 N/A
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
CVE-2016-4844 1 Cybozu 1 Mailwise 2025-04-20 N/A
Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.
CVE-2017-9554 1 Synology 1 Diskstation Manager 2025-04-20 N/A
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
CVE-2015-6250 1 Simple-php-captcha Project 1 Simple-php-captcha 2025-04-20 N/A
simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side.
CVE-2016-0382 1 Ibm 1 Tealeaf Consumer Experience 2025-04-20 N/A
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
CVE-2015-1828 1 Http.rb Project 1 Http.rb 2025-04-20 5.9 Medium
The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack.
CVE-2016-10293 1 Linux 1 Linux Kernel 2025-04-20 N/A
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-33352393. References: QC-CR#1101943.
CVE-2016-10294 1 Linux 1 Linux Kernel 2025-04-20 N/A
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. References: QC-CR#1105481.
CVE-2016-10295 1 Linux 1 Linux Kernel 2025-04-20 N/A
An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33781694. References: QC-CR#1109326.
CVE-2016-4613 1 Apple 4 Apple Tv, Icloud, Itunes and 1 more 2025-04-20 N/A
An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.
CVE-2016-10296 1 Linux 1 Linux Kernel 2025-04-20 N/A
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33845464. References: QC-CR#1109782.
CVE-2016-10314 1 Jensenofscandinavia 6 Al3g, Al3g Firmware, Al5000ac and 3 more 2025-04-20 N/A
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to read passwords via a direct request to the x.asp page.
CVE-2016-10339 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
CVE-2017-7138 1 Apple 1 Mac Os X 2025-04-20 N/A
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.
CVE-2017-7131 1 Apple 1 Iphone Os 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app.