Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-3742 | Information Exposure vulnerability in Lenovo Connect2 4.2.5 In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. | 4.8 |
| 2017-07-17 | CVE-2017-7531 | Information Exposure vulnerability in Moodle 3.3.0 In Moodle 3.3, the course overview block reveals activities in hidden courses. | 4.3 |
| 2017-07-17 | CVE-2017-2642 | Information Exposure vulnerability in Moodle Moodle 3.x has user fullname disclosure on the user preferences page. | 6.5 |
| 2017-07-17 | CVE-2017-7683 | Information Exposure vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure. | 7.5 |
| 2017-07-17 | CVE-2017-1000362 | Information Exposure vulnerability in Jenkins The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. | 9.8 |
| 2017-07-17 | CVE-2017-1000029 | Information Exposure vulnerability in Oracle Glassfish Server 3.0.1 Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication. | 7.5 |
| 2017-07-17 | CVE-2017-1000025 | Information Exposure vulnerability in Gnome Epiphany GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites. | 7.5 |
| 2017-07-17 | CVE-2017-0196 | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 6.5 |
| 2017-07-17 | CVE-2015-5152 | Information Exposure vulnerability in Theforeman Foreman Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack. | 8.1 |
| 2017-07-12 | CVE-2017-11165 | Information Exposure vulnerability in Datataker Dt80 DEX Firmware 1.50.012 dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. | 9.8 |