Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-01 | CVE-2018-5525 | Information Exposure vulnerability in F5 products A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxied traffic, or other potentially sensitive customer data. | 4.3 |
| 2018-06-01 | CVE-2018-11645 | Information Exposure vulnerability in Artifex Ghostscript psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. | 5.3 |
| 2018-05-31 | CVE-2018-1532 | Information Exposure vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. | 4.3 |
| 2018-05-31 | CVE-2016-10533 | Information Exposure vulnerability in Express-Restify-Mongoose Project Express-Restify-Mongoose express-restify-mongoose is a module to easily create a flexible REST interface for mongoose models. | 8.8 |
| 2018-05-31 | CVE-2016-10530 | Information Exposure vulnerability in Airbrake The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. | 5.9 |
| 2018-05-31 | CVE-2016-10519 | Information Exposure vulnerability in Webtorrent Bittorrent-Dht A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory. | 7.5 |
| 2018-05-31 | CVE-2015-9236 | Information Exposure vulnerability in Hapijs Hapi Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at worst allowed cross-origin activities that were expected to be forbidden. | 5.3 |
| 2018-05-31 | CVE-2018-11036 | Information Exposure vulnerability in Ruckuswireless products Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data. | 9.1 |
| 2018-05-30 | CVE-2018-11565 | Information Exposure vulnerability in Mahara Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information. | 5.3 |
| 2018-05-30 | CVE-2018-11437 | Information Exposure vulnerability in Libmobi Project Libmobi 0.3 The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. | 6.5 |