Total
10354 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-3973 | 1 Sap | 1 Netweaver Application Server Java | 2025-04-12 | 5.3 Medium |
| The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990. | ||||
| CVE-2016-4253 | 1 Adobe | 1 Experience Manager | 2025-04-12 | N/A |
| The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-4378 | 1 Hp | 2 Xp7 Command View, Xp 9000 Command View | 2025-04-12 | N/A |
| The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-1729 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." | ||||
| CVE-2016-4516 | 1 Abb | 1 Pcm600 | 2025-04-12 | N/A |
| ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-2412 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability." | ||||
| CVE-2015-2413 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability." | ||||
| CVE-2016-4593 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors. | ||||
| CVE-2016-4620 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app. | ||||
| CVE-2016-4628 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | N/A |
| IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2015-2421 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass." | ||||
| CVE-2016-4635 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors. | ||||
| CVE-2016-4645 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-4648 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2016-4711 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output. | ||||
| CVE-2016-4742 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app. | ||||
| CVE-2016-4739 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. | ||||
| CVE-2016-4740 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-4746 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction. | ||||
| CVE-2016-4747 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. | ||||