Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1044 | 1 Moodle | 1 Moodle | 2018-02-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings. | |||||
| CVE-2018-5726 | 1 Barni | 2 Master Ip Camera01, Master Ip Camera01 Firmware | 2018-02-05 | 5.0 MEDIUM | 9.8 CRITICAL |
| MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. | |||||
| CVE-2017-13206 | 1 Google | 1 Android | 2018-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android media framework (aacdec). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65025048. | |||||
| CVE-2018-5728 | 1 Cobham | 2 Seatel 121, Seatel 121 Firmware | 2018-02-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. | |||||
| CVE-2017-1478 | 1 Ibm | 2 Security Access Manager, Security Access Manager 9.0 Firmware | 2018-02-01 | 2.1 LOW | 3.3 LOW |
| IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613. | |||||
| CVE-2017-0846 | 1 Google | 1 Android | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810. | |||||
| CVE-2015-7484 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2018-02-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619. | |||||
| CVE-2018-5266 | 1 Cobham | 2 Sea Tel 121, Sea Tel 121 Firmware | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with password seatel3, SysAdmin with password seatel2, and User with password seatel1. | |||||
| CVE-2017-14082 | 1 Trendmicro | 1 Mobile Security | 2018-02-01 | 5.0 MEDIUM | 7.5 HIGH |
| An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system. | |||||
| CVE-2018-5682 | 1 Prestashop | 1 Prestashop | 2018-01-31 | 5.0 MEDIUM | 5.3 MEDIUM |
| PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not exist" error message. | |||||
| CVE-2014-5004 | 1 Brbackup Project | 1 Brbackup | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-5001 | 1 Kcapifony Project | 1 Kcapifony | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes. | |||||
| CVE-2014-5000 | 1 Lawn-login Project | 1 Lawn-login | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4999 | 1 Kajam Project | 1 Kajam | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the (1) mysqldump command line in the capture function and (2) mysql command line in the restore function, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4998 | 1 Lean-ruport Project | 1 Lean-ruport | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4997 | 1 Point-cli Project | 1 Point-cli | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4995 | 1 Vladtheenterprising Project | 1 Vladtheenterprising | 2018-01-30 | 1.9 LOW | 7.0 HIGH |
| Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. | |||||
| CVE-2014-4991 | 1 Codders-dataset Project | 1 Codders-dataset | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| (1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4992 | 1 Cap-strap Project | 1 Cap-strap | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2014-4993 | 2 Backup-agoddard Project, Backup Checksum Project | 2 Backup-agoddard, Backup Checksum | 2018-01-30 | 2.1 LOW | 7.8 HIGH |
| (1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process. | |||||