Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-2733 | Information Exposure vulnerability in Huawei Honor 6X Firmware Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. | 5.5 |
| 2017-11-22 | CVE-2017-2732 | Information Exposure vulnerability in Huawei Hilink Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. | 5.5 |
| 2017-11-22 | CVE-2017-2730 | Information Exposure vulnerability in Huawei Hilink and Tech Support HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. | 3.5 |
| 2017-11-22 | CVE-2017-2715 | Information Exposure vulnerability in Huawei Files 7.1.1.308/7.1.1.309 The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. | 7.8 |
| 2017-11-22 | CVE-2017-2704 | Information Exposure vulnerability in Huawei products Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and earlier versions,Skytone 8.1.2.300 and earlier versions,HwCloudDrive(EMUI6.0) 8.0.0.307 and earlier versions,HwPhoneFinder(EMUI6.0) 9.3.0.310 and earlier versions,HwPhoneFinder(EMUI5.1) 9.2.2.303 and earlier versions,HiCinema 8.0.2.300 and earlier versions,HuaweiWear 21.0.0.360 and earlier versions,HiHealthApp 3.0.3.300 and earlier versions have an information exposure vulnerability. | 7.5 |
| 2017-11-22 | CVE-2017-15099 | Information Exposure vulnerability in multiple products INSERT ... | 6.5 |
| 2017-11-22 | CVE-2017-15098 | Information Exposure vulnerability in multiple products Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory. | 8.1 |
| 2017-11-22 | CVE-2017-8863 | Information Exposure vulnerability in Cohuhd 3960Hd Firmware Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser. | 7.5 |
| 2017-11-22 | CVE-2017-8860 | Information Exposure vulnerability in Cohuhd 3960Hd Firmware Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTTP/1.1" request. | 6.5 |
| 2017-11-20 | CVE-2017-3157 | Information Exposure vulnerability in multiple products By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. | 5.5 |