Search Results (9958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-3602 1 Redhat 1 Openshift 2025-04-12 N/A
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
CVE-2014-4620 2 Emc, Meditech 2 Networker, Meditech 2025-04-12 N/A
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.
CVE-2014-4638 1 Emc 1 Documentum Wdk 2025-04-12 N/A
EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to conduct frame-injection attacks and obtain sensitive information via unspecified vectors.
CVE-2014-4669 1 Hp 1 Enterprise Maps 2025-04-12 N/A
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
CVE-2014-4682 1 Siemens 2 Simatic Pcs7, Wincc 2025-04-12 N/A
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.
CVE-2014-4701 1 Nagios 1 Nagios 2025-04-12 N/A
The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.
CVE-2014-4702 1 Nagios 1 Nagios 2025-04-12 N/A
The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
CVE-2014-4746 1 Ibm 1 Websphere Portal 2025-04-12 N/A
IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests.
CVE-2014-4747 1 Ibm 1 Sametime 2025-04-12 N/A
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser.
CVE-2014-4766 1 Ibm 1 Classic Meeting Server 2025-04-12 N/A
IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote attackers to obtain sensitive information by reading an exported Record and Playback (RAP) file.
CVE-2014-4776 1 Ibm 1 License Metric Tool 2025-04-12 N/A
IBM License Metric Tool 9 before 9.1.0.2 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
CVE-2014-4781 1 Ibm 1 Infosphere Biginsights 2025-04-12 N/A
The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.
CVE-2014-4804 1 Ibm 1 Curam Social Program Management 2025-04-12 N/A
Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.
CVE-2014-4812 1 Ibm 1 Security Appscan Source 2025-04-12 N/A
The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.
CVE-2014-4832 1 Ibm 3 Qradar Risk Manager, Qradar Security Information And Event Manager, Qradar Vulnerability Manager 2025-04-12 N/A
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
CVE-2014-4862 1 Netmaster 2 Cbw700 Software, Netmaster Cbw700n 2025-04-12 N/A
The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request.
CVE-2014-4874 1 Bmc 1 Track-it\! 2025-04-12 N/A
BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.
CVE-2016-1967 1 Mozilla 1 Firefox 2025-04-12 N/A
Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.
CVE-2014-6086 1 Ibm 2 Security Access Manager For Mobile, Security Access Manager For Web 2025-04-12 N/A
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not ensure that HTTPS is used, which allows remote attackers to obtain sensitive information by sniffing the network during an HTTP session.
CVE-2014-6088 1 Ibm 2 Security Access Manager For Mobile, Security Access Manager For Web 2025-04-12 N/A
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.