Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-1723 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. | 5.5 |
| 2018-10-05 | CVE-2014-10076 | Information Exposure vulnerability in Wp-Db-Backup Project Wp-Db-Backup 2.2.4 The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack. | 7.5 |
| 2018-10-04 | CVE-2018-17891 | Information Exposure vulnerability in Carestream VUE RIS 11.2 Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. | 3.7 |
| 2018-10-04 | CVE-2018-13258 | Information Exposure vulnerability in Mediawiki 1.31.0 Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible. | 5.3 |
| 2018-10-04 | CVE-2018-1670 | Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1 IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. | 4.3 |
| 2018-10-04 | CVE-2017-5658 | Information Exposure vulnerability in Apache Pony Mail The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. | 5.3 |
| 2018-10-03 | CVE-2018-16051 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. | 6.5 |
| 2018-10-02 | CVE-2018-14822 | Information Exposure vulnerability in Entes Emg-12 Firmware 2.57 Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user and execute arbitrary code. | 9.8 |
| 2018-10-02 | CVE-2018-6262 | Information Exposure vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure. | 2.5 |
| 2018-10-01 | CVE-2015-9269 | Information Exposure vulnerability in Wpmobilepack Wordpress Mobile Pack The export/content.php exportarticle feature in the wordpress-mobile-pack plugin before 2.1.3 2015-06-03 for WordPress allows remote attackers to obtain sensitive information because the content of a privately published post is sent in JSON format. | 7.5 |