Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2017-16058 | Information Exposure vulnerability in Gruntcli Project Gruntcli gruntcli was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16057 | Information Exposure vulnerability in Nodemssql Project Nodemssql nodemssql was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-07 | CVE-2017-16056 | Information Exposure vulnerability in Mssql.Js Project Mssql.Js mssql.js was a malicious module published with the intent to hijack environment variables. | 7.5 |
| 2018-06-06 | CVE-2018-10198 | Information Exposure vulnerability in Otrs An issue was discovered in OTRS 6.0.x before 6.0.7. | 4.3 |
| 2018-06-06 | CVE-2017-1476 | Information Exposure vulnerability in IBM products IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2018-06-06 | CVE-2017-1474 | Information Exposure vulnerability in IBM products IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users. | 5.3 |
| 2018-06-05 | CVE-2018-1000196 | Information Exposure vulnerability in Jenkins Gitlab Hook A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. | 6.5 |
| 2018-06-05 | CVE-2018-10599 | Information Exposure vulnerability in Philips products IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet. | 5.3 |
| 2018-06-05 | CVE-2018-1000191 | Information Exposure vulnerability in Jenkins Synopsys Detect A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
| 2018-06-05 | CVE-2018-1000190 | Information Exposure vulnerability in Jenkins Black Duck HUB A exposure of sensitive information vulnerability exists in Jenkins Black Duck Hub Plugin 4.0.0 and older in PostBuildScanDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |