| Page(s) : 1 ... 161 162 163 164 165 166 167 168 169 170 [171] 172 173 174 175 176 177 178 179 180 181 ... | Result(s) : 8823 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.3 | 2016-09-25 | CVE-2016-4715 | cve | The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app. |
| 3.3 | 2016-09-18 | CVE-2016-4749 | cve | Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. |
| 3.7 | 2016-09-18 | CVE-2016-4747 | cve | Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. |
| 2.9 | 2016-09-18 | CVE-2016-4740 | cve | Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sen... |
| 3.3 | 2016-09-18 | CVE-2016-4620 | cve | The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-... |
| 3.3 | 2016-09-14 | CVE-2016-3354 | cve | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8... |
| 3.3 | 2016-09-14 | CVE-2016-3344 | cve | The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 allows local users to obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mod... |
| 3.1 | 2016-09-14 | CVE-2016-3325 | cve | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vu... |
| 2.4 | 2016-09-14 | CVE-2016-3291 | cve | Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Mic... |
| 3.3 | 2016-09-14 | CVE-2016-0137 | cve | The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft ... |
| 2.1 | 2016-09-11 | CVE-2016-3888 | cve | internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically pro... |
| 3.1 | 2016-09-11 | CVE-2016-5166 | cve | The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is ref... |
| 3.7 | 2016-09-08 | CVE-2016-4379 | cve | The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which all... |
| 3.7 | 2016-09-03 | CVE-2016-5429 | cve | jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, ... |
| 3.5 | 2016-09-01 | CVE-2016-2998 | cve | Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to hija... |
| 3.1 | 2016-09-01 | CVE-2016-0385 | cve | Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when Ht... |
| 2.7 | 2016-08-31 | CVE-2016-0370 | cve | Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML vi... |
| 3.3 | 2016-08-23 | CVE-2016-5812 | cve | Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sens... |
| 3.3 | 2016-08-10 | CVE-2013-7458 | cve | linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. |
| 2.5 | 2016-08-09 | CVE-2016-3321 | cve | Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files v... |
| Page(s) : 1 ... 161 162 163 164 165 166 167 168 169 170 [171] 172 173 174 175 176 177 178 179 180 181 ... | Result(s) : 8823 |
