Vulnerabilities > Information Exposure

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2017-03-23 | CVE-2015-8625 | Information Exposure vulnerability in Mediawiki | MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly sanitize parameters when calling the cURL library, which allows remote attackers to read arbitrary files via an @ (at sign) character in unspecified POST array parameters. | network | low | mediawiki | CWE-200 | 7.5 |
| 2017-03-23 | CVE-2015-5729 | Information Exposure vulnerability in Samsung products | The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generates weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack. | network | low | samsung | CWE-200 | 9.8 (critical) |
| 2017-03-23 | CVE-2015-4078 | Information Exposure vulnerability in Cloudera Manager and Navigator | Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | network | high | cloudera | CWE-200 | 3.1 |
| 2017-03-23 | CVE-2017-5227 | Information Exposure vulnerability in Qnap QTS | QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file. | network | low | qnap | CWE-200 | 7.5 |
| 2017-03-23 | CVE-2016-5757 | Information Exposure vulnerability in Netiq Access Manager 4.1/4.2 | iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. | network | low | netiq | CWE-200 | 9.8 (critical) |
| 2017-03-23 | CVE-2016-5754 | Information Exposure vulnerability in Netiq Access Manager 4.1/4.2 | Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2. | network | low | netiq | CWE-200 | 7.5 |
| 2017-03-23 | CVE-2016-5752 | Information Exposure vulnerability in Netiq Access Manager 4.1/4.2 | The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester. | network | low | netiq | CWE-200 | 7.5 |
| 2017-03-23 | CVE-2016-1603 | Information Exposure vulnerability in Novell Netiq IDM Servicenow Driver | An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 could expose cryptographic attributes to logged-in users. | network | low | novell | CWE-200 | 6.5 |
| 2017-03-21 | CVE-2016-6650 | Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines | EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. | network | high | emc | CWE-200 | 7.5 |
| 2017-03-20 | CVE-2017-6318 | Information Exposure vulnerability in multiple products | saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | network | low | opensuse, sane-backends-project | CWE-200 | 7.5 |