Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-23 | CVE-2017-15518 | Information Exposure vulnerability in Netapp Oncommand API Services and Service Level Manager All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. | 7.8 |
| 2018-02-23 | CVE-2017-16769 | Information Exposure vulnerability in Synology Photo Station 6.8.13458 Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode. | 5.3 |
| 2018-02-22 | CVE-2018-7317 | Information Exposure vulnerability in Christianwebministries Proclaim 9.1.1 Backup Download exists in the Proclaim 9.1.1 component for Joomla! via a direct request for a .sql file under backup/. | 7.5 |
| 2018-02-22 | CVE-2018-1392 | Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.4.0/3.1.0.0 IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. | 3.1 |
| 2018-02-21 | CVE-2016-0367 | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. | 4.3 |
| 2018-02-21 | CVE-2016-0366 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0 IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. | 3.7 |
| 2018-02-21 | CVE-2016-0351 | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 3.7 |
| 2018-02-21 | CVE-2016-0345 | Information Exposure vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. | 4.3 |
| 2018-02-21 | CVE-2016-0343 | Information Exposure vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. | 4.3 |
| 2018-02-21 | CVE-2018-7276 | Information Exposure vulnerability in Lutron Quantum Bacnet Integration Firmware 3.2.243 An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. | 7.5 |