Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-06 | CVE-2017-9000 | Information Exposure vulnerability in HP Arubaos ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. | 9.8 |
| 2018-08-06 | CVE-2018-1528 | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. | 4.3 |
| 2018-08-06 | CVE-2017-1412 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. | 4.3 |
| 2018-08-06 | CVE-2017-1409 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. | 5.3 |
| 2018-08-05 | CVE-2018-14941 | Information Exposure vulnerability in Harmonicinc NSG 9000 Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI. | 6.5 |
| 2018-08-03 | CVE-2018-14928 | Information Exposure vulnerability in Matera Banco 1.0.0 /contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter. | 7.5 |
| 2018-08-01 | CVE-2018-1999041 | Information Exposure vulnerability in Jenkins Tinfoil Security An exposure of sensitive information vulnerability exists in Jenkins Tinfoil Security Plugin 1.6.1 and earlier in TinfoilScanRecorder.java that allows attackers with file system access to the Jenkins master to obtain the API secret key stored in this plugin's configuration. | 5.5 |
| 2018-08-01 | CVE-2018-1999040 | Information Exposure vulnerability in Jenkins Kubernetes An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins. | 8.8 |
| 2018-08-01 | CVE-2018-1999033 | Information Exposure vulnerability in Anchore Container Image Scanner An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's configuration. | 6.5 |
| 2018-08-01 | CVE-2018-1999031 | Information Exposure vulnerability in Jenkins Meliora Testlab An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration. | 6.5 |