Vulnerabilities > Information Exposure

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2016-10-07 | CVE-2015-2080 | Information Exposure vulnerability in multiple products | The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak. | network | low complexity | fedoraproject, eclipse | CWE-200 | 7.5 |
| 2016-10-06 | CVE-2015-1000012 | Information Exposure vulnerability in Mypixs Project Mypixs 0.3 | Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin | network | low complexity | mypixs-project | CWE-200 | 7.5 |
| 2016-10-06 | CVE-2015-1000008 | Information Exposure vulnerability in Mp3-Jplayer Project Mp3-Jplayer 2.3.2 | Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2 | network | low complexity | mp3-jplayer-project | CWE-200 | 5.3 |
| 2016-10-06 | CVE-2016-6653 | Information Exposure vulnerability in Pivotal Software Cloud Foundry CF Mysql 27.0/28.0 | The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cleartext credentials. | network | low complexity | pivotal-software | CWE-200 | 7.5 |
| 2016-10-06 | CVE-2016-6435 | Information Exposure vulnerability in Cisco Firepower Management Center 6.0.1 | The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376. | network | low complexity | cisco | CWE-200 | 6.5 |
| 2016-10-06 | CVE-2016-6026 | Information Exposure vulnerability in IBM Sterling Secure Proxy 3.4.2.0/3.4.3.0 | The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows man-in-the-middle attackers to obtain sensitive information via an HTTP method that is neither GET nor POST. | | high complexity | ibm | CWE-200 | 5.3 |
| 2016-10-05 | CVE-2016-1455 | Information Exposure vulnerability in Cisco Nx-Os | Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365. | network | low complexity | cisco | CWE-200 | 7.5 |
| 2016-10-05 | CVE-2016-7561 | Information Exposure vulnerability in Fortinet Fortiwlc | Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file. | network | low complexity | fortinet | CWE-200 | 7.2 |
| 2016-10-05 | CVE-2016-6420 | Information Exposure vulnerability in Cisco Firesight System Software | Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. | network | low complexity | cisco | CWE-200 | 6.5 |
| 2016-10-05 | CVE-2016-2307 | Information Exposure vulnerability in American Auto-Matrix products | American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrated by the configuration file. | network | low complexity | american-auto-matrix | CWE-200 | 7.5 |