Encyclopédie publique des vulnérabilités

A propos de l’encyclopédie publique

L’encyclopédie des vulnérabilités de Cyberwatch est une base de données formée à partir de l’agrégation de nombreuses informations issues des autorités comme les publications du NVD (National Vulnerability Database) et de l’ANSSI (Agence Nationale de la Sécurité des Systèmes d’Informations), les alertes d’éditeurs (Microsoft, Ubuntu, RedHat, CentOS, Mozilla, Adobe…), les bases d’exploits (Exploit-DB, Metasploit, SecurityFocus, GitHub…).

Vous consultez ici une version publique de notre encyclopédie, gratuite et limitée en fonctionnalités.

 

Accéder à l’encyclopédie complète

Nous fournissons une base de données enrichie pour nos clients, avec plus de 130 000 fiches de vulnérabilités, description, scores aux formats CVSSv2 et CVSSv3, alertes de sécurité des éditeurs et des autorités, exploits publics avec leurs liens, et analyses complémentaires effectuées à partir de données sociales afin d’apprécier de la sévérité des vulnérabilités.

Merci de nous contacter au +33 1 85 08 69 79 ou par mail à contact@cyberwatch.fr pour obtenir un accès.

Rechercher dans l’encyclopédie publique Cyberwatch

CVE-2018-12126 – Encyclopédie des vulnérabilités

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

lire plus

CVE-2018-12130 – Encyclopédie des vulnérabilités

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

lire plus

CVE-2016-9621 – Encyclopédie des vulnérabilités

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

lire plus

CVE-2016-3919 – Encyclopédie des vulnérabilités

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5195. Reason: This candidate is a reservation duplicate of CVE-2016-5195. Notes: All CVE users should reference CVE-2016-5195 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

lire plus

CVE-2016-3906 – Encyclopédie des vulnérabilités

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344.

lire plus

CVE-2016-3907 – Encyclopédie des vulnérabilités

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30593266. References: Qualcomm QC-CR#1054352.

lire plus

CVE-2016-3904 – Encyclopédie des vulnérabilités

An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30311977. References: Qualcomm QC-CR#1050455.

lire plus

CVE-2016-2988 – Encyclopédie des vulnérabilités

IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins.

lire plus

CVE-2016-2947 – Encyclopédie des vulnérabilités

IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5 allow remote authenticated users to obtain sensitive information via unspecified vectors.

lire plus