Total
9687 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0192 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 4.9 Medium |
| File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. | ||||
| CVE-2012-6341 | 1 Netgear | 4 Wgr614v7, Wgr614v7 Firmware, Wgr614v9 and 1 more | 2024-11-21 | 6.5 Medium |
| An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340. | ||||
| CVE-2012-6091 | 1 Magentocommerce | 1 Magento | 2024-11-21 | 7.5 High |
| Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability. | ||||
| CVE-2012-6079 | 1 Boldgrid | 1 W3 Total Cache | 2024-11-21 | 7.5 High |
| W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. | ||||
| CVE-2012-6078 | 1 Boldgrid | 1 W3 Total Cache | 2024-11-21 | 7.5 High |
| W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. | ||||
| CVE-2012-6077 | 1 Boldgrid | 1 W3 Total Cache | 2024-11-21 | 7.5 High |
| W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. | ||||
| CVE-2012-5828 | 1 Blackberry | 2 Playbook, Playbook Firmware | 2024-11-21 | 6.5 Medium |
| BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error | ||||
| CVE-2012-5644 | 4 Debian, Fedoraproject, Libuser Project and 1 more | 4 Debian Linux, Fedora, Libuser and 1 more | 2024-11-21 | 5.5 Medium |
| libuser has information disclosure when moving user's home directory | ||||
| CVE-2012-5570 | 1 Basic Webmail Project | 1 Basic Webmail | 2024-11-21 | 4.3 Medium |
| The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses. | ||||
| CVE-2012-5535 | 2 Fedoraproject, Gnome | 2 Fedora, Gnome-system-log | 2024-11-21 | 7.5 High |
| gnome-system-log polkit policy allows arbitrary files on the system to be read | ||||
| CVE-2012-5476 | 2 Debian, Openstack | 2 Debian Linux, Horizon | 2024-11-21 | 5.5 Medium |
| Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. | ||||
| CVE-2012-4420 | 1 Oracle | 1 Jdk | 2024-11-21 | 7.5 High |
| An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information. | ||||
| CVE-2012-3353 | 1 Apache | 1 Sling Jcr Contentloader | 2024-11-21 | N/A |
| The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader | ||||
| CVE-2012-3331 | 1 Ibm | 1 Sametime | 2024-11-21 | N/A |
| IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. | ||||
| CVE-2012-2724 | 1 Md-systems | 1 Simplenews | 2024-11-21 | 5.3 Medium |
| The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page. | ||||
| CVE-2012-1994 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.7 Medium |
| HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information | ||||
| CVE-2012-1169 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 5.3 Medium |
| Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. | ||||
| CVE-2012-1161 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.3 Medium |
| Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results | ||||
| CVE-2012-1159 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.3 Medium |
| Moodle before 2.2.2: Overview report allows users to see hidden courses | ||||
| CVE-2012-1158 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.3 Medium |
| Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export | ||||