Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-16 | CVE-2018-7360 | Information Exposure vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service. | 6.5 |
| 2018-11-16 | CVE-2018-1639 | Information Exposure vulnerability in IBM Jazz Reporting Service The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. | 6.5 |
| 2018-11-16 | CVE-2018-9071 | Information Exposure vulnerability in Lenovo Chassis Management Module Firmware Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. | 5.3 |
| 2018-11-14 | CVE-2018-9543 | Information Exposure vulnerability in Google Android In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. | 5.5 |
| 2018-11-14 | CVE-2018-9526 | Information Exposure vulnerability in Google Android 9.0 In device configuration data, there is an improperly configured setting. | 7.5 |
| 2018-11-14 | CVE-2018-6082 | Information Exposure vulnerability in multiple products Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page. | 4.7 |
| 2018-11-14 | CVE-2018-6079 | Information Exposure vulnerability in multiple products Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-6077 | Information Exposure vulnerability in multiple products Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2018-11-14 | CVE-2018-6075 | Information Exposure vulnerability in multiple products Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction. | 6.5 |
| 2018-11-14 | CVE-2018-6066 | Information Exposure vulnerability in multiple products Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |