Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-14 | CVE-2018-19413 | Information Exposure vulnerability in Sonarsource Sonarqube A vulnerability in the API of SonarSource SonarQube before 7.4 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application. | 4.3 |
| 2018-12-13 | CVE-2018-19039 | Information Exposure vulnerability in multiple products Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | 6.5 |
| 2018-12-13 | CVE-2018-12076 | Information Exposure vulnerability in Avantimarkets Market Card A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. | 4.2 |
| 2018-12-13 | CVE-2018-1886 | Information Exposure vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. | 5.3 |
| 2018-12-13 | CVE-2018-1805 | Information Exposure vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. | 4.3 |
| 2018-12-13 | CVE-2018-13811 | Information Exposure vulnerability in Siemens Simatic Step 7 (Tia Portal) A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1). | 5.5 |
| 2018-12-13 | CVE-2018-8033 | Information Exposure vulnerability in Apache Ofbiz In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. | 7.5 |
| 2018-12-12 | CVE-2018-15718 | Information Exposure vulnerability in Opendental Open Dental before version 18.4 transmits the entire user database over the network when a remote unauthenticated user accesses the command prompt. | 7.5 |
| 2018-12-12 | CVE-2018-1481 | Information Exposure vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. | 5.3 |
| 2018-12-12 | CVE-2018-1476 | Information Exposure vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 discloses sensitive information to unauthorized users. | 7.5 |