Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-08 | CVE-2012-0433 | Information Exposure vulnerability in Crowbar Project Crowbar 1.0 The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | 5.5 |
| 2018-06-08 | CVE-2018-11409 | Information Exposure vulnerability in Splunk Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key. | 5.3 |
| 2018-06-07 | CVE-2017-16225 | Information Exposure vulnerability in Aegir Project Aegir aegir is a module to help automate JavaScript project management. | 7.5 |
| 2018-06-07 | CVE-2017-16206 | Information Exposure vulnerability in Coffescript Project Coffescript 1.0.1 The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 7.5 |
| 2018-06-07 | CVE-2017-16205 | Information Exposure vulnerability in Coffescript Project Coffescript 1.0.1 The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 7.5 |
| 2018-06-07 | CVE-2017-16204 | Information Exposure vulnerability in Jquey Project Jquey 1.0.1 The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 7.5 |
| 2018-06-07 | CVE-2017-16203 | Information Exposure vulnerability in Coffescript Project Coffescript 1.0.1 The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 7.5 |
| 2018-06-07 | CVE-2017-16202 | Information Exposure vulnerability in Cofeescript Project Cofeescript 0.0.1 The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 7.5 |
| 2018-06-07 | CVE-2017-16126 | Information Exposure vulnerability in Botbait Project Botbait 1.0.0/1.0.1/2.0.0 The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. | 5.3 |
| 2018-06-07 | CVE-2017-16081 | Information Exposure vulnerability in Cross-Env.Js Project Cross-Env.Js cross-env.js was a malicious module published with the intent to hijack environment variables. | 7.5 |