Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related...

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold...

The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 allows local users to obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosur...

IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938.

IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the loca...

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session.

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exce...

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.

The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.

lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to tha...

Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.

Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.

The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to...

Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted ap...

The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).

cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).