Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-27 | CVE-2014-5131 | Information Exposure vulnerability in Avolvesoftware Projectdox 8.1 Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse. | 6.5 |
| 2018-03-27 | CVE-2014-5130 | Information Exposure vulnerability in Avolvesoftware Projectdox 8.1 Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token. | 6.5 |
| 2018-03-27 | CVE-2018-9056 | Information Exposure vulnerability in multiple products Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. | 5.6 |
| 2018-03-27 | CVE-2015-5016 | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket worklog entries via unspecified vectors. | 4.3 |
| 2018-03-26 | CVE-2015-7434 | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. | 7.8 |
| 2018-03-26 | CVE-2015-7433 | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine. | 7.8 |
| 2018-03-26 | CVE-2015-7432 | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. | 7.8 |
| 2018-03-26 | CVE-2015-7424 | Information Exposure vulnerability in IBM Infosphere Master Data Management IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, 11.4, and 11.5 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information by leveraging Catalogs access. | 4.3 |
| 2018-03-26 | CVE-2015-7401 | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. | 4.3 |
| 2018-03-26 | CVE-2015-5045 | Information Exposure vulnerability in IBM Rational License KEY Server The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix 04 allows local users to obtain sensitive information via unspecified vectors. | 3.3 |