Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-08 | CVE-2011-3177 | Information Exposure vulnerability in Yast Yast2 The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks. | 7.8 |
| 2017-09-08 | CVE-2017-2550 | Information Exposure vulnerability in Kubik-Rubik Easy Joomla Backup 3.2.4 Vulnerability in Easy Joomla Backup v3.2.4. | 7.5 |
| 2017-09-07 | CVE-2017-6793 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. | 6.5 |
| 2017-09-07 | CVE-2017-12224 | Information Exposure vulnerability in Cisco Meeting Server A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even though access should be denied. | 6.5 |
| 2017-09-07 | CVE-2015-8079 | Information Exposure vulnerability in QT Qtwebkit qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | 5.3 |
| 2017-09-07 | CVE-2015-3250 | Information Exposure vulnerability in Apache Directory Ldap API 1.0.0 Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors. | 7.5 |
| 2017-09-06 | CVE-2015-6250 | Information Exposure vulnerability in Simple-PHP-Captcha Project Simple-PHP-Captcha 1.0.0/1.0.1/20150831 simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side. | 5.3 |
| 2017-09-06 | CVE-2015-5959 | Information Exposure vulnerability in Froxlor Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log. | 9.8 |
| 2017-09-06 | CVE-2015-3454 | Information Exposure vulnerability in Vulcanjs Vulcan TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack. | 7.5 |
| 2017-09-05 | CVE-2017-14156 | Information Exposure vulnerability in Linux Kernel The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes. | 5.5 |