Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-04 | CVE-2018-5496 | Information Exposure vulnerability in Netapp Data Ontap Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. | 4.4 |
| 2018-12-04 | CVE-2018-6099 | Information Exposure vulnerability in multiple products A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page. | 6.5 |
| 2018-12-04 | CVE-2018-6095 | Information Exposure vulnerability in multiple products Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page. | 6.5 |
| 2018-12-04 | CVE-2018-12318 | Information Exposure vulnerability in Asustor Data Master 3.1.1 Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows attackers to obtain the SNMP password in cleartext. | 8.8 |
| 2018-12-04 | CVE-2018-12308 | Information Exposure vulnerability in Asustor Data Master 3.1.1 Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encrypt_key" URL parameter. | 6.5 |
| 2018-12-04 | CVE-2018-19854 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.3. | 4.7 |
| 2018-12-03 | CVE-2018-3854 | Information Exposure vulnerability in Intuit Quicken 2018 5.2.2 An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. | 7.1 |
| 2018-12-03 | CVE-2018-14702 | Information Exposure vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115 Incorrect access control in the /drobopix/api/drobo.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve sensitive system information. | 7.5 |
| 2018-12-03 | CVE-2018-14696 | Information Exposure vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115 Incorrect access control in the /mysql/api/drobo.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve sensitive system information. | 7.5 |
| 2018-12-03 | CVE-2018-14695 | Information Exposure vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115 Incorrect access control in the /mysql/api/diags.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve diagnostic information via the "name" URL parameter. | 7.5 |