Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-29 | CVE-2016-4976 | Information Exposure vulnerability in Apache Ambari Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing. | 5.5 |
| 2017-03-29 | CVE-2017-2686 | Information Exposure vulnerability in Siemens Ruggedcom ROX I 2.9.0 Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information. | 6.5 |
| 2017-03-28 | CVE-2017-0882 | Information Exposure vulnerability in Gitlab Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. | 6.3 |
| 2017-03-28 | CVE-2016-9129 | Information Exposure vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. | 5.3 |
| 2017-03-27 | CVE-2017-1143 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.3 |
| 2017-03-27 | CVE-2017-1142 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 6.5 |
| 2017-03-27 | CVE-2016-6102 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. | 3.7 |
| 2017-03-27 | CVE-2016-7474 | Information Exposure vulnerability in F5 products In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. | 5.5 |
| 2017-03-26 | CVE-2017-2643 | Information Exposure vulnerability in Moodle 3.2.0/3.2.1 In Moodle 3.2.x, global search displays user names for unauthenticated users. | 5.3 |
| 2017-03-23 | CVE-2015-8628 | Information Exposure vulnerability in Mediawiki The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics. | 5.3 |