Search Results (10809 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2909 1 Linux 1 Linux Kernel 2025-04-11 N/A
The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string.
CVE-2012-5625 2 Openstack, Redhat 3 Folsom, Grizzly, Openstack 2025-04-11 N/A
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
CVE-2012-4168 6 Adobe, Apple, Google and 3 more 8 Air, Air Sdk, Flash Player and 5 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site.
CVE-2012-6325 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2012-4197 1 Mozilla 1 Bugzilla 2025-04-11 N/A
Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.
CVE-2012-4198 1 Mozilla 1 Bugzilla 2025-04-11 N/A
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover private group names by observing whether a call throws an error.
CVE-2012-4199 1 Mozilla 1 Bugzilla 2025-04-11 N/A
template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code.
CVE-2011-3702 1 Anantasoft 1 Ananta Gazelle 2025-04-11 N/A
Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files.
CVE-2011-3703 1 Anecms 1 Anecms 2025-04-11 N/A
AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files.
CVE-2011-3704 1 Apprain 1 Apprain 2025-04-11 N/A
appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php.
CVE-2011-3706 1 Atutor 1 Atutor 2025-04-11 N/A
ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/tool_settings.inc.php and certain other files.
CVE-2011-3707 1 Janrain 1 Php-openid 2025-04-11 N/A
JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Auth/Yadis/Yadis.php and certain other files.
CVE-2011-3708 1 Automne-cms 1 Automne 2025-04-11 N/A
Automne 4.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/page-redirect-info.php.
CVE-2011-3709 1 B2evolution 1 B2evolution 2025-04-11 N/A
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ru_RU/ru-RU.locale.php and certain other files.
CVE-2011-3710 1 Bbpress 1 Bbpress 2025-04-11 N/A
bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files.
CVE-2011-3711 1 Bigace 1 Bigace 2025-04-11 N/A
BIGACE 2.7.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/libs/javascript.inc.php and certain other files.
CVE-2011-3713 1 Powerdrummer 1 Cftp 2025-04-11 N/A
cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files.
CVE-2011-3714 1 Csphere 1 Clansphere 2025-04-11 N/A
ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php.
CVE-2011-3724 1 Cubecart 1 Cubecart 2025-04-11 N/A
CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files.
CVE-2011-3725 1 Deluxebb 1 Deluxebb 2025-04-11 N/A
DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php.