Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10441 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-0259 | 1 Ibm | 1 Websphere Mq | 2025-04-12 | N/A |
| runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands. | ||||
| CVE-2016-0393 | 1 Ibm | 1 Maximo Asset Management | 2025-04-12 | N/A |
| IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files. | ||||
| CVE-2016-0397 | 1 Ibm | 1 Bigfix Webreports | 2025-04-12 | N/A |
| WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. | ||||
| CVE-2016-0811 | 1 Google | 1 Android | 2025-04-12 | N/A |
| Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375. | ||||
| CVE-2016-0823 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-12 | N/A |
| The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721. | ||||
| CVE-2016-0824 | 1 Google | 1 Android | 2025-04-12 | N/A |
| libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591. | ||||
| CVE-2016-0828 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an ATTACH_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338113. | ||||
| CVE-2016-0829 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering a QUEUE_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338109. | ||||
| CVE-2016-0831 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25778215. | ||||
| CVE-2016-0853 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. | ||||
| CVE-2016-0862 | 1 Ge | 5 Snmp\/web Adapter 1024746, Snmp\/web Adapter 1024747, Snmp\/web Adapter 1024748 and 2 more | 2025-04-12 | N/A |
| General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors. | ||||
| CVE-2016-0864 | 1 Tollgrade | 1 Smartgrid Lighthouse Sensor Management System | 2025-04-12 | N/A |
| Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors. | ||||
| CVE-2016-0867 | 1 Carel | 1 Plantvisor Enhanced | 2025-04-12 | N/A |
| CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request. | ||||
| CVE-2016-0870 | 1 Trane | 1 Tracer Sc | 2025-04-12 | N/A |
| The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request. | ||||
| CVE-2016-0871 | 1 Eaton Lighting Systems | 1 Eg2 Web Control | 2025-04-12 | N/A |
| Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request. | ||||
| CVE-2016-10105 | 1 Piwigo | 1 Piwigo | 2025-04-12 | N/A |
| admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence. | ||||
| CVE-2016-1035 | 1 Adobe | 1 Robohelp | 2025-04-12 | N/A |
| Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-1241 | 1 Tryton | 1 Tryton | 2025-04-12 | N/A |
| Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors. | ||||
| CVE-2016-1242 | 1 Tryton | 1 Tryton | 2025-04-12 | N/A |
| file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors. | ||||
| CVE-2016-1316 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
| Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362. | ||||