Search
Total
3359 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-7438 | 1 Ibm | 1 Sterling B2b Integrator | 2016-01-06 | 1.9 LOW | 4.7 MEDIUM |
| IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access. | |||||
| CVE-2015-7452 | 1 Ibm | 9 Maximo Asset Management, Maximo Asset Management Essentials, Maximo For Government and 6 more | 2016-01-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API. | |||||
| CVE-2015-7456 | 1 Ibm | 1 Spectrum Scale | 2016-01-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors. | |||||
| CVE-2015-4990 | 1 Ibm | 1 Tealeaf Customer Experience | 2016-01-06 | 1.9 LOW | 4.0 MEDIUM |
| The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type. | |||||
| CVE-2015-2913 | 1 Orientdb | 1 Orientdb | 2015-12-31 | 4.3 MEDIUM | 5.9 MEDIUM |
| server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote attackers to predict a value by determining the internal state of the PRNG in this class. | |||||
| CVE-2015-2896 | 1 Idera | 1 Uptime Infrastructure Monitor | 2015-12-31 | 5.0 MEDIUM | 5.3 MEDIUM |
| The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command. | |||||
| CVE-2015-7787 | 1 Asus | 2 Wl-330nul, Wl-330nul Firmware | 2015-12-30 | 3.3 LOW | 4.3 MEDIUM |
| ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. | |||||
| CVE-2015-8252 | 1 Rsi Video Technologies | 1 Frontel Protocol | 2015-12-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number. | |||||
| CVE-2015-6471 | 1 Eaton | 1 Proview | 2015-12-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data. | |||||