Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-27 | CVE-2018-15697 | Information Exposure vulnerability in Asustor Data Master ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path. | 6.5 |
| 2018-08-27 | CVE-2018-15696 | Information Exposure vulnerability in Asustor Data Master ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to enumerate all user accounts via user.cgi. | 4.3 |
| 2018-08-26 | CVE-2017-18345 | Information Exposure vulnerability in Joomanager Project Joomanager The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request. | 9.8 |
| 2018-08-24 | CVE-2018-11654 | Information Exposure vulnerability in Seasofsolutions IP Camera Firmware Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information from the device. | 7.5 |
| 2018-08-24 | CVE-2018-11653 | Information Exposure vulnerability in Seasofsolutions IP Camera Firmware Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information about the network configuration like the network SSID and password. | 9.8 |
| 2018-08-24 | CVE-2018-1755 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by incorrect transport being used when Liberty is configured to use Java Authentication SPI for Containers (JASPIC). | 5.9 |
| 2018-08-23 | CVE-2018-1999046 | Information Exposure vulnerability in Jenkins A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent. | 4.3 |
| 2018-08-22 | CVE-2018-10919 | Information Exposure vulnerability in multiple products The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. | 6.5 |
| 2018-08-21 | CVE-2018-15668 | Information Exposure vulnerability in Bloop Airmail 3 3.5.9 An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. | 5.3 |
| 2018-08-21 | CVE-2018-15661 | Information Exposure vulnerability in Olacabs OLA Money 1.9.0 An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. | 7.5 |