Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-11 | CVE-2016-6606 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in cookie encryption in phpMyAdmin. | 8.1 |
| 2016-12-09 | CVE-2016-9103 | Information Exposure vulnerability in multiple products The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them. | 6.0 |
| 2016-12-08 | CVE-2016-9839 | Information Exposure vulnerability in Osgeo Mapserver In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails. | 7.5 |
| 2016-12-01 | CVE-2016-3012 | Information Exposure vulnerability in IBM API Connect and Network Path Manager IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials. | 7.5 |
| 2016-11-30 | CVE-2016-3002 | Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0 IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device. | 2.1 |
| 2016-11-30 | CVE-2016-2958 | Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0 IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading an "archaic" e-mail address in a response. | 4.3 |
| 2016-11-30 | CVE-2016-2957 | Information Exposure vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0 IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response. | 4.3 |
| 2016-11-30 | CVE-2016-2952 | Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP. | 3.7 |
| 2016-11-30 | CVE-2016-2949 | Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session. | 3.3 |
| 2016-11-30 | CVE-2016-2940 | Information Exposure vulnerability in IBM Bigfix Remote Control 9.1.2 Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors. | 5.3 |