Export limit exceeded: 10745 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10745 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5504 | 1 Oracle | 1 Agile Product Lifecycle Management For Process | 2025-04-12 | 4.1 Medium |
| Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal. | ||||
| CVE-2016-5505 | 1 Oracle | 1 Database Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. | ||||
| CVE-2016-5508 | 1 Oracle | 1 Solaris Cluster | 2025-04-12 | N/A |
| Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo. | ||||
| CVE-2016-4785 | 1 Siemens | 9 Siprotec 4 En100, Siprotec Compact Model, Siprotec Compact Model 7rw80 and 6 more | 2025-04-12 | N/A |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices. | ||||
| CVE-2016-5765 | 1 Microfocus | 4 Host Access Management And Security Server, Reflection For The Web, Reflection Security Gateway and 1 more | 2025-04-12 | N/A |
| Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that allows limited directory traversal. Applies to MSS 12.3 before 12.3.326 and MSS 12.2 before 12.2.342 and RSG 12.1 before 12.1.362 and RWeb 12.3 before 12.3.312 and RWeb 12.2 before 12.2.342 and RWeb 12.1 before 12.1.362 and ZFE 2.0.1 before 2.0.1.18 and ZFE 2.0.0 before 2.0.0.52 and ZFE 1.4.0 before 1.4.0.14. | ||||
| CVE-2016-5797 | 1 Tollgrade | 1 Lighthouse Sms | 2025-04-12 | N/A |
| Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts. | ||||
| CVE-2016-5812 | 1 Moxa | 7 Oncell G3001 Firmware, Oncell G3100v2, Oncell G3100v2 Firmware and 4 more | 2025-04-12 | N/A |
| Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. | ||||
| CVE-2016-5842 | 2 Imagemagick, Oracle | 2 Imagemagick, Solaris | 2025-04-12 | 7.5 High |
| MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. | ||||
| CVE-2016-5848 | 1 Siemens | 1 Sicam Pas\/pqs | 2025-04-12 | 6.7 Medium |
| Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges. | ||||
| CVE-2016-5849 | 1 Siemens | 1 Sicam Pas\/pqs | 2025-04-12 | 2.5 Low |
| Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage. | ||||
| CVE-2016-3918 | 1 Google | 1 Android | 2025-04-12 | N/A |
| email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted application that provides a pathname value, aka internal bug 30745403. | ||||
| CVE-2016-3907 | 1 Google | 1 Android | 2025-04-12 | N/A |
| An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30593266. References: Qualcomm QC-CR#1054352. | ||||
| CVE-2016-3906 | 1 Google | 1 Android | 2025-04-12 | N/A |
| An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344. | ||||
| CVE-2016-3902 | 1 Google | 1 Android | 2025-04-12 | N/A |
| drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072. | ||||
| CVE-2016-5927 | 1 Ibm | 1 Tivoli Storage Manager For Space Management | 2025-04-12 | N/A |
| IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output. | ||||
| CVE-2016-5946 | 1 Ibm | 2 Spectrum Control, Tivoli Storage Productivity Center | 2025-04-12 | N/A |
| Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2016-4485 | 3 Canonical, Linux, Novell | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more | 2025-04-12 | N/A |
| The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. | ||||
| CVE-2016-0292 | 1 Ibm | 1 Bigfix | 2025-04-12 | N/A |
| WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report. | ||||
| CVE-2016-5970 | 1 Ibm | 1 Security Privileged Identity Manager Virtual Appliance | 2025-04-12 | N/A |
| Directory traversal vulnerability in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2016-5971 | 1 Ibm | 1 Security Privileged Identity Manager Virtual Appliance | 2025-04-12 | N/A |
| IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||