Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-11 | CVE-2017-8865 | Information Exposure vulnerability in Cognitoys Stemosaur Firmware 0.0.794 Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device. | 5.9 |
| 2017-12-11 | CVE-2017-1613 | Information Exposure vulnerability in IBM Connections 6.0 IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. | 5.3 |
| 2017-12-11 | CVE-2017-1507 | Information Exposure vulnerability in IBM products IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. | 4.3 |
| 2017-12-11 | CVE-2015-8470 | Information Exposure vulnerability in Puppet Enterprise The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 6.5 |
| 2017-12-09 | CVE-2017-3111 | Information Exposure vulnerability in Adobe Experience Manager 6.1.0/6.2.0 An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. | 7.5 |
| 2017-12-09 | CVE-2017-16369 | Information Exposure vulnerability in Adobe products An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. | 6.5 |
| 2017-12-09 | CVE-2017-11273 | Information Exposure vulnerability in Adobe Digital Editions An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. | 5.5 |
| 2017-12-08 | CVE-2017-16854 | Information Exposure vulnerability in multiple products In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets. | 6.5 |
| 2017-12-08 | CVE-2017-17463 | Information Exposure vulnerability in Vivo Modem Firmware Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and psk_wepkey fields. | 7.5 |
| 2017-12-07 | CVE-2017-1000410 | Information Exposure vulnerability in multiple products The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. | 7.5 |