Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-27 | CVE-2017-7415 | Information Exposure vulnerability in Atlassian Confluence Server Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource. | 7.5 |
| 2017-04-25 | CVE-2017-8057 | Information Exposure vulnerability in Joomla Joomla! In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting. | 5.3 |
| 2017-04-25 | CVE-2017-7983 | Information Exposure vulnerability in Joomla Joomla! In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers. | 5.3 |
| 2017-04-25 | CVE-2017-8109 | Information Exposure vulnerability in Saltstack Salt The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients). | 7.8 |
| 2017-04-24 | CVE-2017-3560 | Information Exposure vulnerability in Oracle Hospitality Opera 5 Property Services Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OXI Interface). | 4.3 |
| 2017-04-24 | CVE-2017-3556 | Information Exposure vulnerability in Oracle Application Object Library Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: File Management). | 5.3 |
| 2017-04-24 | CVE-2017-3552 | Information Exposure vulnerability in Oracle Hospitality Opera 5 Property Services Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Room Image/Picture Setup). | 4.3 |
| 2017-04-24 | CVE-2017-3527 | Information Exposure vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). | 5.3 |
| 2017-04-24 | CVE-2017-3498 | Information Exposure vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | 3.3 |
| 2017-04-24 | CVE-2015-7247 | Information Exposure vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information. | 9.8 |