Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-08 | CVE-2017-0895 | Information Exposure vulnerability in Nextcloud Server Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. | 3.5 |
| 2017-05-06 | CVE-2017-7923 | Information Exposure vulnerability in Hikvision products A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. | 8.8 |
| 2017-05-05 | CVE-2016-8916 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. | 5.5 |
| 2017-05-04 | CVE-2017-3732 | Information Exposure vulnerability in multiple products There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. | 5.9 |
| 2017-05-03 | CVE-2017-6626 | Information Exposure vulnerability in Cisco Unified Contact Center Enterprise 11.5(1)/11.6(1) A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. | 5.3 |
| 2017-05-03 | CVE-2017-5481 | Information Exposure vulnerability in Trendmicro Officescan 11.0/12.0 Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation. | 8.8 |
| 2017-05-03 | CVE-2017-7995 | Information Exposure vulnerability in multiple products Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. | 3.8 |
| 2017-05-03 | CVE-2016-0382 | Information Exposure vulnerability in IBM Tealeaf Consumer Experience The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. | 4.0 |
| 2017-05-02 | CVE-2017-7216 | Information Exposure vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters. | 6.5 |
| 2017-05-02 | CVE-2016-5810 | Information Exposure vulnerability in Advantech Webaccess upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. | 4.9 |