Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2016-11-04 CVE-2016-9185 Information Exposure vulnerability in OpenStack Heat
In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration.
network
low complexity
openstack CWE-200
4.3
2016-11-04 CVE-2016-9183 Information Exposure vulnerability in Exponentcms Exponent CMS 2.4.0
In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql.
network
low complexity
exponentcms CWE-200
7.5
2016-11-03 CVE-2016-9086 Information Exposure vulnerability in GitLab
GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab.
network
low complexity
gitlab CWE-200
6.5
2016-10-28 CVE-2016-8889 Information Exposure vulnerability in Bitcoin Knots Project Bitcoin Knots
In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.
local
low complexity
bitcoin-knots-project CWE-200
6.2
2016-10-28 CVE-2016-8871 Information Exposure vulnerability in Botan Project Botan
In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could, given sufficient queries, be used to recover plaintext, aka an "OAEP side channel" attack.
local
low complexity
botan-project CWE-200
6.2
2016-10-27 CVE-2016-6446 Information Exposure vulnerability in Cisco Meeting Server
A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server.
network
low complexity
cisco CWE-200
7.5
2016-10-25 CVE-2016-8295 Information Exposure vulnerability in Oracle PeopleSoft Enterprise Human Capital Management Time and Labor 9.2
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors.
network
low complexity
oracle CWE-200
4.3
2016-10-25 CVE-2016-8294 Information Exposure vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.54/8.55
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors.
network
low complexity
oracle CWE-200
4.3
2016-10-25 CVE-2016-8286 Information Exposure vulnerability in Oracle MySQL
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.
network
high complexity
oracle CWE-200
3.1
2016-10-25 CVE-2016-5618 Information Exposure vulnerability in Oracle Data Integrator
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
network
high complexity
oracle CWE-200
3.1