Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-08 | CVE-2016-3095 | Information Exposure vulnerability in multiple products server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key. | 5.5 |
| 2017-06-08 | CVE-2016-3111 | Information Exposure vulnerability in Pulpproject Pulp pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. | 5.5 |
| 2017-06-08 | CVE-2015-2253 | Information Exposure vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101 The XML interface in Huawei OceanStor UDS devices with software before V100R002C01SPC102 allows remote authenticated users to obtain sensitive information via a crafted XML document. | 5.0 |
| 2017-06-08 | CVE-2015-2251 | Information Exposure vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101 The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript. | 7.5 |
| 2017-06-07 | CVE-2017-1125 | Information Exposure vulnerability in IBM Cognos Business Intelligence Server IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. | 3.3 |
| 2017-06-07 | CVE-2016-9710 | Information Exposure vulnerability in IBM Cognos Business Intelligence Server IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. | 5.3 |
| 2017-06-07 | CVE-2016-8939 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. | 5.5 |
| 2017-06-07 | CVE-2016-5960 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2017-06-07 | CVE-2016-5959 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. | 5.3 |
| 2017-06-07 | CVE-2015-7514 | Information Exposure vulnerability in Openstack Ironic 4.2.0/4.2.1 OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. | 6.5 |