Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-6082 | Information Exposure vulnerability in multiple products Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page. | 4.7 |
| 2018-11-14 | CVE-2018-6079 | Information Exposure vulnerability in multiple products Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-6077 | Information Exposure vulnerability in multiple products Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-6075 | Information Exposure vulnerability in multiple products Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction. | 6.5 |
| 2018-11-14 | CVE-2018-6066 | Information Exposure vulnerability in multiple products Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-17468 | Information Exposure vulnerability in multiple products Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-3621 | Information Exposure vulnerability in Intel Driver&Support Assistant Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | 6.5 |
| 2018-11-14 | CVE-2018-8565 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka "Win32k Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.5 |
| 2018-11-14 | CVE-2018-8558 | Information Exposure vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. | 6.5 |
| 2018-11-14 | CVE-2018-8454 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory, aka "Windows Audio Service Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. | 5.5 |