Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-06 | CVE-2017-1239 | Information Exposure vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. | 5.3 |
| 2018-07-05 | CVE-2018-9998 | Information Exposure vulnerability in Open-Xchange Appsuite Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action to api/tasks. | 6.5 |
| 2018-07-05 | CVE-2018-12021 | Information Exposure vulnerability in Sylabs Singularity Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. | 6.5 |
| 2018-07-05 | CVE-2018-9185 | Information Exposure vulnerability in Fortinet Fortios An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature. | 8.1 |
| 2018-07-03 | CVE-2018-13123 | Information Exposure vulnerability in Onefilecms onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file. | 9.8 |
| 2018-07-03 | CVE-2018-7776 | Information Exposure vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
| 2018-07-03 | CVE-2018-10596 | Information Exposure vulnerability in Medtronic 2090 Carelink Programmer Firmware Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. | 8.0 |
| 2018-07-02 | CVE-2018-12892 | Information Exposure vulnerability in multiple products An issue was discovered in Xen 4.7 through 4.10.x. | 9.9 |
| 2018-06-30 | CVE-2018-12990 | Information Exposure vulnerability in PHPwcms 1.8.9 phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrf_token_value field. | 5.3 |
| 2018-06-29 | CVE-2018-12997 | Information Exposure vulnerability in Zohocorp products Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile&fileName= substring. | 7.5 |