Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4627 | 1 Typo3 | 1 Typo3 | 2019-11-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend. | |||||
| CVE-2011-4900 | 2 Debian, Typo3 | 2 Debian Linux, Typo3 | 2019-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.5.4 allows Information Disclosure in the backend. | |||||
| CVE-2010-3673 | 1 Typo3 | 1 Typo3 | 2019-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API. | |||||
| CVE-2013-4518 | 1 Redhat | 2 Enterprise Linux, Update Infrastructure | 2019-11-06 | 2.1 LOW | 5.5 MEDIUM |
| RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates | |||||
| CVE-2018-19854 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2019-11-06 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option). | |||||
| CVE-2013-4110 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cryptocat has an Unspecified Chat Participant User List Disclosure | |||||
| CVE-2010-3664 | 1 Typo3 | 1 Typo3 | 2019-11-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend. | |||||
| CVE-2013-2261 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure | |||||
| CVE-2013-4105 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure | |||||
| CVE-2013-2262 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| Cryptocat strophe.js before 2.0.22 has information disclosure | |||||
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| MiniUPnPd has information disclosure use of snprintf() | |||||
| CVE-2019-16908 | 1 Infosysta | 1 In-app \& Desktop Notifications | 2019-11-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI. | |||||
| CVE-2010-2783 | 1 Redhat | 1 Icedtea6 | 2019-11-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services. | |||||
| CVE-2018-1732 | 1 Ibm | 1 Qradar Advisor With Watson | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH |
| IBM QRadar Advisor with Watson 1.14.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 147810. | |||||
| CVE-2019-17321 | 1 Clipsoft | 1 Rexpert | 2019-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required. | |||||
| CVE-2019-6849 | 1 Schneider-electric | 6 Modicon Bmenoc 0311, Modicon Bmenoc 0311 Firmware, Modicon Bmenoc 0321 and 3 more | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module. | |||||
| CVE-2019-6850 | 1 Schneider-electric | 6 Modicon Bmenoc 0311, Modicon Bmenoc 0311 Firmware, Modicon Bmenoc 0321 and 3 more | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module. | |||||
| CVE-2019-18611 | 1 Mediawiki | 1 Checkuser | 2019-10-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various levels of access to this extension. Said users should not have been able to view these oversighted edit summaries via the MediaWiki API. | |||||
| CVE-2019-18612 | 1 Mediawiki | 1 Abusefilter | 2019-10-31 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information. | |||||
| CVE-2012-0046 | 1 Mediawiki | 1 Mediawiki | 2019-10-31 | 5.0 MEDIUM | 7.5 HIGH |
| mediawiki allows deleted text to be exposed | |||||