Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2017-0242 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability." | 5.5 |
| 2017-05-12 | CVE-2017-0220 | Information Exposure vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012 The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0258, and CVE-2017-0259. | 4.7 |
| 2017-05-12 | CVE-2017-0190 | Information Exposure vulnerability in Microsoft products The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability." | 4.4 |
| 2017-05-12 | CVE-2017-0175 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CVE-2017-0259. | 4.7 |
| 2017-05-12 | CVE-2017-8360 | Information Exposure vulnerability in Conexant Mictray64 1.0.0.46 Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. | 5.5 |
| 2017-05-11 | CVE-2017-8899 | Information Exposure vulnerability in Invisioncommunity Invision Power Board Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. | 8.1 |
| 2017-05-10 | CVE-2017-8878 | Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml. | 6.5 |
| 2017-05-10 | CVE-2017-8877 | Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID. | 6.5 |
| 2017-05-10 | CVE-2017-5892 | Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map. | 7.5 |
| 2017-05-09 | CVE-2017-3067 | Information Exposure vulnerability in Adobe Experience Manager Forms 6.0/6.1/6.2 Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms. | 7.5 |