Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-21 | CVE-2017-8037 | Information Exposure vulnerability in Cloudfoundry Capi-Release and Cf-Release In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. | 7.5 |
| 2017-08-18 | CVE-2017-9680 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message. | 7.5 |
| 2017-08-18 | CVE-2017-9679 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. | 7.5 |
| 2017-08-18 | CVE-2017-8254 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid. | 5.5 |
| 2017-08-18 | CVE-2015-4071 | Information Exposure vulnerability in Helpdesk PRO Project Helpdesk PRO The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}. | 5.3 |
| 2017-08-18 | CVE-2015-7945 | Information Exposure vulnerability in Spi-Inc Ganeti The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results. | 7.5 |
| 2017-08-18 | CVE-2017-1501 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. | 5.9 |
| 2017-08-17 | CVE-2017-6786 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. | 6.3 |
| 2017-08-17 | CVE-2017-6784 | Information Exposure vulnerability in Cisco products A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. | 5.3 |
| 2017-08-17 | CVE-2017-6783 | Information Exposure vulnerability in Cisco products A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. | 4.3 |