Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2016-2866 | Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user. | 4.3 |
| 2017-02-08 | CVE-2017-5933 | Information Exposure vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270. | 5.9 |
| 2017-02-08 | CVE-2016-8492 | Information Exposure vulnerability in Fortinet Fortios The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption. | 5.9 |
| 2017-02-08 | CVE-2016-10213 | Information Exposure vulnerability in A10Networks Advanced Core Operating System 2.7.2 A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270. | 5.9 |
| 2017-02-08 | CVE-2016-10212 | Information Exposure vulnerability in Radware Alteon 30.0.5.10/30.2.1.1 Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270. | 5.9 |
| 2017-02-08 | CVE-2016-0270 | Information Exposure vulnerability in IBM Client Application Access, Domino and Notes IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue. | 5.9 |
| 2017-02-08 | CVE-2017-0451 | Information Exposure vulnerability in multiple products An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-02-08 | CVE-2017-0448 | Information Exposure vulnerability in multiple products An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. | 5.5 |
| 2017-02-08 | CVE-2017-0426 | Information Exposure vulnerability in Google Android 7.0/7.1.0/7.1.1 An information disclosure vulnerability in the Filesystem could enable a local malicious application to access data outside of its permission levels. | 5.5 |
| 2017-02-08 | CVE-2017-0425 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. | 5.5 |