Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-12 | CVE-2017-0167 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. | 5.5 |
| 2017-04-12 | CVE-2017-0058 | Information Exposure vulnerability in Microsoft products A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. | 4.7 |
| 2017-04-11 | CVE-2017-5672 | Information Exposure vulnerability in Kony Enterprise Mobile Management 1.2/4.2.0 Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request. | 6.5 |
| 2017-04-10 | CVE-2017-7646 | Information Exposure vulnerability in Solarwinds LOG & Event Manager 6.3.1 SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. | 6.5 |
| 2017-04-10 | CVE-2017-7345 | Information Exposure vulnerability in Netapp Clustered Data Ontap 7.1 NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.3 |
| 2017-04-10 | CVE-2017-5607 | Information Exposure vulnerability in Splunk Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage. | 3.5 |
| 2017-04-10 | CVE-2015-7824 | Information Exposure vulnerability in Botan Project Botan botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. | 7.5 |
| 2017-04-10 | CVE-2015-8378 | Information Exposure vulnerability in Keepassx Project Keepassx In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. | 7.5 |
| 2017-04-10 | CVE-2016-5076 | Information Exposure vulnerability in Cloudviewnms Cloudview NMS CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def. | 7.5 |
| 2017-04-10 | CVE-2016-5059 | Information Exposure vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | 6.5 |