Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5384 | Information Exposure vulnerability in Mozilla Firefox Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. | 5.9 |
| 2018-06-11 | CVE-2017-5382 | Information Exposure vulnerability in Mozilla Firefox Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. | 7.5 |
| 2018-06-11 | CVE-2017-5378 | Information Exposure vulnerability in multiple products Hashed codes of JavaScript objects are shared between pages. | 7.5 |
| 2018-06-11 | CVE-2016-9904 | Information Exposure vulnerability in multiple products An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. | 7.5 |
| 2018-06-11 | CVE-2016-9074 | Information Exposure vulnerability in multiple products An existing mitigation of timing side-channel attacks is insufficient in some circumstances. | 5.9 |
| 2018-06-11 | CVE-2016-9062 | Information Exposure vulnerability in Mozilla Firefox Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. | 3.3 |
| 2018-06-11 | CVE-2016-5288 | Information Exposure vulnerability in Mozilla Firefox Web content could access information in the HTTP cache if e10s is disabled. | 5.9 |
| 2018-06-11 | CVE-2018-12089 | Information Exposure vulnerability in Octopus Server In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set to True. | 7.5 |
| 2018-06-08 | CVE-2018-1281 | Information Exposure vulnerability in Apache Mxnet The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. | 6.5 |
| 2018-06-08 | CVE-2018-4252 | Information Exposure vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 4.6 |