Vulnerabilities (CVE)

CWE filter

CWE-200

Filter

6169 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-6260 1 Nvidia 1 Gpu Driver 2019-04-18 2.1
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector.
CVE-2018-12155 1 Intel 1 Integrated Performance Primitives 2019-04-18 2.1
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-9223 1 Gitlab 1 Gitlab 2019-04-18 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure.
CVE-2018-13808 1 Siemens 2 Cp 1604 Firmware, Cp 1616 Firmware 2019-04-18 6.4
A vulnerability has been identified in CP 1604 (All versions < V2.8), CP 1616 (All versions < V2.8). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful...
CVE-2019-9494 1 W1.fi 2 Hostapd, Wpa Supplicant 2019-04-18 4.3
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack...
CVE-2019-0162 1 Intel 1 - 2019-04-18 2.1
Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-5765 4 Google, Debian, Redhat and 1 more 6 Chrome, Debian Linux, Enterprise Linux Desktop and 3 more 2019-04-18 4.3
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.
CVE-2019-9179 1 Gitlab 1 Gitlab 2019-04-17 4.3
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 5 of 5).
CVE-2019-9178 1 Gitlab 1 Gitlab 2019-04-17 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 4 of 5).
CVE-2019-9175 1 Gitlab 1 Gitlab 2019-04-17 5.0
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5).
CVE-2019-9172 1 Gitlab 1 Gitlab 2019-04-17 4.3
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 2 of 5).
CVE-2019-9171 1 Gitlab 1 Gitlab 2019-04-17 4.3
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 1 of 5).
CVE-2018-13378 1 Fortinet 1 Fortisiem 2019-04-17 4.0
An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code.
CVE-2019-3816 4 Openwsman Project, Fedoraproject, Redhat and 1 more 9 Openwsman, Fedora, Enterprise Linux Desktop and 6 more 2019-04-17 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending...
CVE-2016-5416 1 Redhat 4 Enterprise Linux Workstation, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 1 more 2019-04-16 5.0
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read...
CVE-2018-15473 5 Openbsd, Debian, Netapp and 2 more 16 Openssh, Debian Linux, Aff Baseboard Management Controller and 13 more 2019-04-16 5.0
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and...
CVE-2018-1723 1 Ibm 1 Spectrum Scale 2019-04-16 2.1
IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. IBM X-Force ID: 147373.
CVE-2018-1090 3 Pulpproject, Redhat, Fedoraproject 3 Pulp, Satellite, Fedora 2019-04-16 5.0
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.
CVE-2017-9735 1 Eclipse 1 Jetty 2019-04-16 5.0
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
CVE-2018-7737 1 Zblogcn 1 Z-blogphp 2019-04-16 5.0
** DISPUTED ** In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by admin_footer.php or admin_footer.php. NOTE: the software maintainer disputes that this is a vulnerability.