Vulnerabilities > Information Exposure

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2018-06-26 | CVE-2018-0528 | Information Exposure vulnerability in Cybozu Office | Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view schedules that they are not permitted to access via unspecified vectors. | network, low complexity, cybozu, CWE-200, 4.3 |
| 2018-06-26 | CVE-2018-0526 | Information Exposure vulnerability in Cybozu Office | Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to display an image located in an external server via unspecified vectors. | network, low complexity, cybozu, CWE-200, 4.3 |
| 2018-06-25 | CVE-2018-12735 | Information Exposure vulnerability in Saj-Electric SAJ Solar Inverter | SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI. | network, low complexity, saj-electric, CWE-200, 7.5 |
| 2018-06-25 | CVE-2018-12716 | Information Exposure vulnerability in Google Chromecast Firmware and Home Firmware | The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request. | low complexity, google, CWE-200, 4.3 |
| 2018-06-22 | CVE-2017-7568 | Information Exposure vulnerability in Netapp Oncommand Unified Manager 5.1/5.2.1/5.2.2 | NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface. | network, high complexity, netapp, CWE-200, 5.3 |
| 2018-06-22 | CVE-2018-1655 | Information Exposure vulnerability in IBM AIX | IBM AIX 5.3, 6.1, 7.1, and 7.2 contain a vulnerability in the rmsock command that may be used to expose kernel memory. | local, low complexity, ibm, CWE-200, 5.5 |
| 2018-06-22 | CVE-2018-12634 | Information Exposure vulnerability in Circontrol Circarlife Scada | CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. | network, low complexity, circontrol, CWE-200, critical, 9.8 |
| 2018-06-21 | CVE-2018-12632 | Information Exposure vulnerability in Redatam | Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI. | network, low complexity, redatam, CWE-200, 5.3 |
| 2018-06-21 | CVE-2018-3665 | Information Exposure vulnerability in multiple products | System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | 5.6 |
| 2018-06-20 | CVE-2018-12594 | Information Exposure vulnerability in Reliablecontrols Mach-Prowebcom Firmware 7.80 | Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated by the Master Password field. | network, low complexity, reliablecontrols, CWE-200, 7.5 |