Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-16 | CVE-2017-5223 | Information Exposure vulnerability in PHPmailer Project PHPmailer An issue was discovered in PHPMailer before 5.2.22. | 5.5 |
| 2017-01-15 | CVE-2017-5487 | Information Exposure vulnerability in Wordpress wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. | 5.3 |
| 2017-01-13 | CVE-2017-0398 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. | 5.5 |
| 2017-01-13 | CVE-2016-9107 | Information Exposure vulnerability in OTR Gajim-Otr The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2017-01-13 | CVE-2016-8671 | Information Exposure vulnerability in Matrixssl The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via unspecified vectors. | 5.9 |
| 2017-01-13 | CVE-2016-6887 | Information Exposure vulnerability in Matrixssl The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack. | 5.9 |
| 2017-01-13 | CVE-2016-3130 | Information Exposure vulnerability in Blackberry Enterprise Service An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt. | 8.1 |
| 2017-01-13 | CVE-2016-10140 | Information Exposure vulnerability in Zoneminder 1.30.0 Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV images on the server via the /events URI. | 7.5 |
| 2017-01-13 | CVE-2016-10135 | Information Exposure vulnerability in LG Mobile An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. | 5.5 |
| 2017-01-12 | CVE-2016-3152 | Information Exposure vulnerability in Barco Clickshare Csc-1 Firmware 01.09.02.03 Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. | 9.8 |