Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-13 | CVE-2016-6547 | Information Exposure vulnerability in Nutspace NUT Mobile The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. | 7.8 |
| 2018-07-13 | CVE-2016-6546 | Information Exposure vulnerability in Kkmcn Itrackeasy The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. | 7.8 |
| 2018-07-13 | CVE-2017-1395 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2018-07-13 | CVE-2017-1367 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. | 5.3 |
| 2018-07-12 | CVE-2018-8024 | Information Exposure vulnerability in multiple products In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI. | 5.4 |
| 2018-07-12 | CVE-2018-1334 | Information Exposure vulnerability in Apache Spark In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. | 4.7 |
| 2018-07-11 | CVE-2016-0708 | Information Exposure vulnerability in Cloudfoundry Cf-Release and Java Buildpack Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. | 5.9 |
| 2018-07-11 | CVE-2013-0589 | Information Exposure vulnerability in IBM Inotes IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. | 7.5 |
| 2018-07-11 | CVE-2018-8325 | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |
| 2018-07-11 | CVE-2018-8324 | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 4.3 |