Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-06 | CVE-2017-0668 | Information Exposure vulnerability in Google Android A information disclosure vulnerability in the Android framework. | 5.5 |
| 2017-07-06 | CVE-2017-6708 | Information Exposure vulnerability in Cisco Ultra Services Framework A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. | 9.8 |
| 2017-07-05 | CVE-2017-1157 | Information Exposure vulnerability in IBM Jazz Reporting Service 5.0/6.0 IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. | 4.3 |
| 2017-07-05 | CVE-2016-9700 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. | 4.3 |
| 2017-07-05 | CVE-2017-1176 | Information Exposure vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. | 3.3 |
| 2017-07-05 | CVE-2017-2294 | Information Exposure vulnerability in Puppet Enterprise Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. | 7.5 |
| 2017-07-05 | CVE-2016-0238 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. | 3.7 |
| 2017-07-05 | CVE-2017-10916 | Information Exposure vulnerability in XEN The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220. | 7.5 |
| 2017-07-05 | CVE-2017-10911 | Information Exposure vulnerability in Linux Kernel The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216. | 6.5 |
| 2017-07-04 | CVE-2017-7317 | Information Exposure vulnerability in Humaxdigital Hg100R Firmware 2.0.6 An issue was discovered on Humax Digital HG100 2.0.6 devices. | 9.8 |