Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2017-09-19 CVE-2015-1849 Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform
AdvancedLdapLoginModule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.
network
high complexity
redhat CWE-200
5.9
2017-09-19 CVE-2014-9616 Information Exposure vulnerability in Netsweeper
Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to obtain sensitive information by making a request that redirects to the deny page.
network
low complexity
netsweeper CWE-200
7.5
2017-09-19 CVE-2014-8174 Information Exposure vulnerability in Redhat Edeploy
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.
network
low complexity
redhat CWE-200
critical
9.8
2017-09-19 CVE-2017-12616 Information Exposure vulnerability in Apache Tomcat
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
network
low complexity
apache CWE-200
7.5
2017-09-18 CVE-2017-12157 Information Exposure vulnerability in Moodle
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
network
low complexity
moodle CWE-200
4.3
2017-09-14 CVE-2017-0785 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android system (bluetooth).
low complexity
google CWE-200
6.5
2017-09-14 CVE-2017-0783 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android system (bluetooth).
low complexity
google CWE-200
6.5
2017-09-14 CVE-2017-13761 Information Exposure vulnerability in Fastly 1.2.25
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.
network
low complexity
fastly CWE-200
6.5
2017-09-14 CVE-2017-1490 Information Exposure vulnerability in IBM Jazz Reporting Service
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.
network
high complexity
ibm CWE-200
5.3
2017-09-14 CVE-2017-1002100 Information Exposure vulnerability in Kubernetes
Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet.
network
low complexity
kubernetes CWE-200
6.5