Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4356 | 1 Apple | 1 Iphone Os | 2017-08-29 | 2.1 LOW | N/A |
| Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen. | |||||
| CVE-2014-0891 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server. | |||||
| CVE-2014-3081 | 1 Ibm | 2 Global Console Manager 16 Firmware, Global Console Manager 32 Firmware | 2017-08-29 | 6.3 MEDIUM | N/A |
| prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter. | |||||
| CVE-2014-0896 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 4.3 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information via a crafted request. | |||||
| CVE-2014-3077 | 1 Ibm | 2 Storwize Unified V7000, Storwize V7000 Unified Software | 2017-08-29 | 2.1 LOW | N/A |
| IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file. | |||||
| CVE-2014-0815 | 2 Google, Opera | 2 Android, Opera Browser | 2017-08-29 | 4.3 MEDIUM | N/A |
| The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies. | |||||
| CVE-2014-3105 | 1 Ibm | 1 Rational Clearcase | 2017-08-29 | 5.0 MEDIUM | N/A |
| The OSLC integration feature in the Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of requests. | |||||
| CVE-2013-7130 | 1 Openstack | 4 Compute, Grizzly, Havana and 1 more | 2017-08-29 | 7.1 HIGH | N/A |
| The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. | |||||
| CVE-2014-0892 | 2 Ibm, Linux | 3 Lotus Domino, Lotus Notes, Linux Kernel | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W. | |||||
| CVE-2014-3103 | 1 Ibm | 1 Rational Clearcase | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Web component in IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||
| CVE-2013-3040 | 1 Ibm | 1 Infosphere Information Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack. | |||||
| CVE-2013-3982 | 1 Ibm | 1 Sametime | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page. | |||||
| CVE-2013-6330 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 3.5 LOW | N/A |
| IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-0519 | 1 Ibm | 1 Sterling Secure Proxy | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string. | |||||
| CVE-2013-0558 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors. | |||||
| CVE-2013-0584 | 1 Ibm | 1 Infosphere Replication Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Data Replication Dashboard component in IBM InfoSphere Replication Server 9.7 and 10.x before 10.2.0.0-b113 allows remote attackers to obtain a list of all user accounts, along with information about whether each account requires a password, via unspecified vectors. | |||||
| CVE-2013-5490 | 1 Cisco | 1 Prime Data Center Network Manager | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148. | |||||
| CVE-2013-0599 | 1 Ibm | 1 Rational Directory Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| IBM Eclipse Help System (IEHS), as used in IBM Rational Directory Server 5.1.1 through 5.1.1.2 and 5.2 through 5.2.1 and other products, allows remote attackers to obtain sensitive information by providing a crafted parameter path and then reading the debug information associated with the 500 HTTP status code. | |||||
| CVE-2013-4070 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors. | |||||
| CVE-2013-3972 | 1 Ibm | 1 Maximo Asset Management | 2017-08-29 | 4.0 MEDIUM | N/A |
| IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||