Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2017-10-10 CVE-2017-1538 Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL.
network
low complexity
ibm CWE-200
6.5
2017-10-10 CVE-2017-11051 Information Exposure vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero.
network
low complexity
google CWE-200
7.5
2017-10-10 CVE-2015-6918 Information Exposure vulnerability in Saltstack Salt 2015
Salt before 2015.5.5 leaks git usernames and passwords to the log.
network
high complexity
saltstack CWE-200
6.3
2017-10-10 CVE-2017-14943 Information Exposure vulnerability in Trapezegroup Transitmaster
Trapeze TransitMaster is vulnerable to information disclosure (emails / hashed passwords) via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber.
network
low complexity
trapezegroup CWE-200
7.5
2017-10-10 CVE-2017-14603 Information Exposure vulnerability in Digium Asterisk
In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2, and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and, when combined with the "nat" and "symmetric_rtp" options, allow redirecting where Asterisk sends the next RTCP report.
network
low complexity
digium CWE-200
7.5
2017-10-09 CVE-2017-14971 Information Exposure vulnerability in Infocuscorp Infocus Mondopad 2.2.08
Infocus Mondopad 2.2.08 is affected by a hashed credential disclosure vulnerability.
local
low complexity
infocuscorp CWE-200
5.5
2017-10-06 CVE-2015-1828 Information Exposure vulnerability in Http.Rb Project Http.Rb
The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle attack.
network
high complexity
http-rb-project CWE-200
5.9
2017-10-06 CVE-2017-14085 Information Exposure vulnerability in Trendmicro Officescan 11.0/12.0
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.
network
low complexity
trendmicro CWE-200
5.3
2017-10-05 CVE-2017-9628 Information Exposure vulnerability in Saia Burgess Controls PCD Controllers Firmware 1.24.67/1.28.11
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69.
network
low complexity
saia-burgess-controls CWE-200
5.3
2017-10-05 CVE-2017-1000114 Information Exposure vulnerability in Jenkins Datadog
The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration.
network
high complexity
jenkins CWE-200
3.1