Vulnerabilities > Information Exposure
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-20 | CVE-2017-6094 | Information Exposure vulnerability in Genexis Gaps CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. | 9.8 |
2017-12-20 | CVE-2017-1596 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. | 5.5 |
2017-12-20 | CVE-2017-1595 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. | 5.5 |
2017-12-20 | CVE-2017-1423 | Information Exposure vulnerability in IBM Websphere Portal 8.5.0.0/9.0.0.0 IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. | 5.3 |
2017-12-20 | CVE-2017-1261 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 stores potentially sensitive information in log files that could be read by a local user. | 3.3 |
2017-12-20 | CVE-2017-1257 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. | 4.3 |
2017-12-20 | CVE-2017-17476 | Information Exposure vulnerability in multiple products Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email. | 8.8 |
2017-12-20 | CVE-2017-17793 | Information Exposure vulnerability in Blogotext Project Blogotext Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to defeat a filename-randomization protection mechanism, and read backup archives on Windows servers, by providing the archiv~1.zip name (aka an 8.3 filename). | 7.5 |
2017-12-20 | CVE-2017-17776 | Information Exposure vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5 Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter. | 5.3 |
2017-12-19 | CVE-2017-16786 | Information Exposure vulnerability in Meinbergglobal Lantime Firmware The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via (1) the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or (2) vectors involving curl support of the "file" schema in the firmware update functionality. | 6.5 |