Export limit exceeded: 24496 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24496 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10406 | 1 Qualcomm | 38 Mdm9650, Mdm9650 Firmware, Sd 205 and 35 more | 2024-11-21 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 835, while printing debug message of a pointer in wlan_qmi_err_cb, the real kernel address will be printed regardless of the kptr_restrict system settings. | ||||
| CVE-2016-10236 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An information disclosure vulnerability in the Qualcomm USB driver. Product: Android. Versions: Android kernel. Android ID: A-33280689. References: QC-CR#1102418. | ||||
| CVE-2016-10235 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409. | ||||
| CVE-2016-10234 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An information disclosure vulnerability in the Qualcomm IPA driver. Product: Android. Versions: Android kernel. Android ID: A-34390017. References: QC-CR#1069060. | ||||
| CVE-2016-1000232 | 3 Ibm, Redhat, Salesforce | 5 Api Connect, Openshift, Openshift Container Platform and 2 more | 2024-11-21 | N/A |
| NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0. | ||||
| CVE-2016-1000110 | 4 Debian, Fedoraproject, Python and 1 more | 5 Debian Linux, Fedora, Python and 2 more | 2024-11-21 | 6.1 Medium |
| The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | ||||
| CVE-2016-1000107 | 1 Erlang | 1 Erlang\/otp | 2024-11-21 | 6.1 Medium |
| inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | ||||
| CVE-2016-1000104 | 2 Apache, Opensuse | 3 Mod Fcgid, Leap, Opensuse | 2024-11-21 | 8.8 High |
| A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. | ||||
| CVE-2016-1000002 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Gnome Display Manager, Leap and 1 more | 2024-11-21 | 2.4 Low |
| gdm3 3.14.2 and possibly later has an information leak before screen lock | ||||
| CVE-2016-0715 | 1 Pivotal Software | 1 Cloud Foundry Elastic Runtime | 2024-11-21 | N/A |
| Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present. | ||||
| CVE-2016-0708 | 1 Cloudfoundry | 2 Cf-release, Java Buildpack | 2024-11-21 | N/A |
| Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue. | ||||
| CVE-2016-0367 | 1 Ibm | 1 Security Identity Manager Virtual Appliance | 2024-11-21 | N/A |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 112072. | ||||
| CVE-2016-0366 | 1 Ibm | 1 Security Privileged Identity Manager | 2024-11-21 | N/A |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 112071. | ||||
| CVE-2016-0351 | 1 Ibm | 1 Security Identity Manager Virtual Appliance | 2024-11-21 | N/A |
| IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID: 111890. | ||||
| CVE-2016-0345 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786. | ||||
| CVE-2016-0343 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784. | ||||
| CVE-2016-0312 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486. | ||||
| CVE-2016-0300 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412. | ||||
| CVE-2016-0299 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382. | ||||
| CVE-2016-0286 | 1 Ibm | 1 Tivoli Business Service Manager | 2024-11-21 | N/A |
| IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote authenticated users to obtain administrator passwords by leveraging unspecified privileges. BM X-Force ID: 111234. | ||||