Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-07 | CVE-2017-3738 | Information Exposure vulnerability in multiple products There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. | 5.9 |
| 2017-12-07 | CVE-2017-1497 | Information Exposure vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. | 3.7 |
| 2017-12-07 | CVE-2017-1487 | Information Exposure vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. | 6.5 |
| 2017-12-07 | CVE-2017-1481 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. | 4.3 |
| 2017-12-07 | CVE-2017-1355 | Information Exposure vulnerability in IBM Atlas Ediscovery Process Management IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. | 3.7 |
| 2017-12-07 | CVE-2017-1353 | Information Exposure vulnerability in IBM Atlas Ediscovery Process Management IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. | 3.5 |
| 2017-12-07 | CVE-2017-1342 | Information Exposure vulnerability in IBM Insights Foundation for Energy 2.0 IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. | 4.3 |
| 2017-12-07 | CVE-2017-17449 | Information Exposure vulnerability in Linux Kernel The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system. | 4.7 |
| 2017-12-06 | CVE-2017-17068 | Information Exposure vulnerability in Auth0 Auth0.Js A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. | 7.5 |
| 2017-12-06 | CVE-2017-13175 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the NVIDIA libwilhelm. | 7.5 |