Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-19487 | Information Exposure vulnerability in Wp-Jobhunt Project Wp-Jobhunt The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users. | 7.5 |
| 2019-03-21 | CVE-2018-18762 | Information Exposure vulnerability in Saltos 3.1 SaltOS 3.1 r8126 contains a database download vulnerability. | 6.5 |
| 2019-03-21 | CVE-2018-17502 | Information Exposure vulnerability in Thereceptionist the Receptionist for Ipad 4.0.4 The Receptionist for iPad could allow a local attacker to obtain sensitive information, caused by an error in the contact.json file. | 3.3 |
| 2019-03-21 | CVE-2018-17484 | Information Exposure vulnerability in Jollytech Lobby Track 8.2.186 Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Sample Database.mdb database while in kiosk mode. | 7.1 |
| 2019-03-21 | CVE-2018-17483 | Information Exposure vulnerability in Jollytech Lobby Track 8.2.186 Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. | 5.5 |
| 2019-03-21 | CVE-2018-17482 | Information Exposure vulnerability in Jollytech Lobby Track 8.2.186 Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. | 5.5 |
| 2019-03-21 | CVE-2018-15532 | Information Exposure vulnerability in HP Synaptics Touchpad Driver 20180606 SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses. | 3.8 |
| 2019-03-15 | CVE-2018-18205 | Information Exposure vulnerability in Top-Vision Cc8800Ce Firmware Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie. | 7.5 |
| 2019-03-15 | CVE-2018-17956 | Information Exposure vulnerability in Opensuse Yast2-Samba-Provision 1.0.1 In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list | 7.8 |
| 2019-03-14 | CVE-2018-1929 | Information Exposure vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he knows the URL link of a the view, and access information that should not be able to see. | 4.3 |