Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2017-1272 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.5 stores sensitive information in URL parameters. | 5.3 |
| 2018-12-17 | CVE-2018-20170 | Information Exposure vulnerability in Openstack Keystone OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. | 5.3 |
| 2018-12-17 | CVE-2017-18355 | Information Exposure vulnerability in Google Rendertron 1.0.0 Installed packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the "_where" attribute of package.json files. | 7.5 |
| 2018-12-14 | CVE-2018-20154 | Information Exposure vulnerability in Designmodo WP Maintenance Mode The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses. | 4.3 |
| 2018-12-14 | CVE-2018-20151 | Information Exposure vulnerability in multiple products In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. | 7.5 |
| 2018-12-14 | CVE-2018-19413 | Information Exposure vulnerability in Sonarsource Sonarqube A vulnerability in the API of SonarSource SonarQube before 7.4 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application. | 4.3 |
| 2018-12-13 | CVE-2018-19039 | Information Exposure vulnerability in multiple products Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | 6.5 |
| 2018-12-13 | CVE-2018-12076 | Information Exposure vulnerability in Avantimarkets Market Card A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. | 4.2 |
| 2018-12-13 | CVE-2018-1886 | Information Exposure vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. | 5.3 |
| 2018-12-13 | CVE-2018-1805 | Information Exposure vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. | 4.3 |