Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2018-07-23 CVE-2018-1999009 Information Exposure vulnerability in Octobercms October
October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution.
network
high complexity
octobercms CWE-200
8.1
2018-07-20 CVE-2018-1679 Information Exposure vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system.
network
low complexity
ibm CWE-200
5.3
2018-07-20 CVE-2018-1564 Information Exposure vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow a local user with administrator privileges to obtain user passwords found in debugging messages.
local
low complexity
ibm CWE-200
6.7
2018-07-20 CVE-2018-1470 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system.
network
low complexity
ibm CWE-200
4.3
2018-07-20 CVE-2018-1398 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information.
network
low complexity
ibm CWE-200
5.3
2018-07-20 CVE-2017-1633 Information Exposure vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information using specially crafted HTTP requests.
network
low complexity
ibm CWE-200
4.3
2018-07-20 CVE-2017-1544 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information.
local
low complexity
ibm CWE-200
7.8
2018-07-20 CVE-2016-10727 Information Exposure vulnerability in multiple products
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
network
low complexity
canonical gnome CWE-200
critical
9.8
2018-07-19 CVE-2018-1587 Information Exposure vulnerability in IBM products
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be used to conduct further attacks.
network
low complexity
ibm CWE-200
4.3
2018-07-17 CVE-2018-1612 Information Exposure vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information.
network
low complexity
ibm CWE-200
5.8