Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-11776 | Information Exposure vulnerability in Microsoft Outlook 2016 Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user email content, aka "Microsoft Outlook Information Disclosure Vulnerability." | 7.5 |
| 2017-10-13 | CVE-2017-11772 | Information Exposure vulnerability in Microsoft products The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to properly handle objects in memory, aka "Microsoft Search Information Disclosure Vulnerability". | 7.5 |
| 2017-10-13 | CVE-2017-11765 | Information Exposure vulnerability in Microsoft products The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability". | 5.5 |
| 2017-10-12 | CVE-2017-12849 | Information Exposure vulnerability in Silverstripe Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks. | 5.3 |
| 2017-10-12 | CVE-2017-15277 | Information Exposure vulnerability in multiple products ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. | 6.5 |
| 2017-10-11 | CVE-2017-15236 | Information Exposure vulnerability in Tiandy IP Camera Firmware 5.56.17.120 Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt. | 7.5 |
| 2017-10-11 | CVE-2017-15212 | Information Exposure vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user. | 4.3 |
| 2017-10-11 | CVE-2017-15210 | Information Exposure vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user. | 4.3 |
| 2017-10-11 | CVE-2017-15205 | Information Exposure vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user. | 4.3 |
| 2017-10-11 | CVE-2017-15198 | Information Exposure vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user. | 4.3 |