Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5933 | 1 Ibm | 1 Tivoli Monitoring | 2025-04-20 | N/A |
| IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223. | ||||
| CVE-2014-3150 | 1 Orange | 2 Livebox 1.1, Livebox 1.1 Firmware | 2025-04-20 | N/A |
| Livebox 1.1 allows remote authenticated users to upload arbitrary configuration files, download the configuration file, or obtain sensitive information via crafted Javascript. | ||||
| CVE-2016-4689 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate. | ||||
| CVE-2016-5057 | 1 Osram | 1 Lightify Pro | 2025-04-20 | N/A |
| OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. | ||||
| CVE-2016-5898 | 1 Ibm | 1 Jazz Reporting Service | 2025-04-20 | N/A |
| IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information. | ||||
| CVE-2016-5949 | 1 Ibm | 1 Kenexa Lcms Premier | 2025-04-20 | N/A |
| IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request. | ||||
| CVE-2016-7601 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible. | ||||
| CVE-2015-0233 | 1 Fedoraproject | 1 389 Administration Server | 2025-04-20 | N/A |
| Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38. | ||||
| CVE-2016-7541 | 1 Fortinet | 1 Fortios | 2025-04-20 | N/A |
| Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected. | ||||
| CVE-2015-3170 | 1 Selinux Project | 1 Selinux | 2025-04-20 | N/A |
| selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy. | ||||
| CVE-2016-8768 | 1 Huawei | 6 Honor 6, Honor 6 Firmware, Honor 6 Plus and 3 more | 2025-04-20 | N/A |
| Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege. | ||||
| CVE-2016-5196 | 1 Google | 1 Chrome | 2025-04-20 | N/A |
| The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HTML page. | ||||
| CVE-2015-8986 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware. | ||||
| CVE-2016-9010 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-20 | N/A |
| IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM Reference #: 1997906. | ||||
| CVE-2017-11818 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2025-04-20 | N/A |
| The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability". | ||||
| CVE-2015-7267 | 2 Samsung, Seagate | 8 850 Pro, 850 Pro Firmware, Pm851 and 5 more | 2025-04-20 | N/A |
| Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack." | ||||
| CVE-2015-7269 | 1 Seagate | 2 St500lt015, St500lt015 Firmware | 2025-04-20 | N/A |
| Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a "Hot Unplug Attack." | ||||
| CVE-2015-7331 | 1 Puppetlabs | 1 Mcollective-puppet-agent | 2025-04-20 | N/A |
| The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows remote attackers to execute arbitrary code via vectors involving the --server argument. | ||||
| CVE-2015-8990 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | ||||
| CVE-2016-10332 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. | ||||