Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-01 | CVE-2016-5986 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2016-09-29 | CVE-2016-7090 | Information Exposure vulnerability in Siemens Scalance M-800 Firmware and Scalance S615 Firmware The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 4.0 |
| 2016-09-27 | CVE-2016-6146 | Information Exposure vulnerability in SAP Trex 7.10 The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226. | 5.3 |
| 2016-09-26 | CVE-2016-6827 | Information Exposure vulnerability in Huawei Fusioncompute Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | 6.5 |
| 2016-09-26 | CVE-2016-3639 | Information Exposure vulnerability in SAP Hana DB 1.00.091.00.1418659308 SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128. | 4.3 |
| 2016-09-26 | CVE-2016-5976 | Information Exposure vulnerability in IBM Tealeaf Customer Experience The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to discover component passwords via unspecified vectors. | 4.9 |
| 2016-09-26 | CVE-2016-5970 | Information Exposure vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.0/2.0.2 Directory traversal vulnerability in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files via a .. | 6.5 |
| 2016-09-26 | CVE-2016-5946 | Information Exposure vulnerability in IBM products Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. | 6.5 |
| 2016-09-26 | CVE-2016-2999 | Information Exposure vulnerability in IBM Connections IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack. | 6.5 |
| 2016-09-26 | CVE-2016-0248 | Information Exposure vulnerability in IBM Security Guardium 10.0/9.0 IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. | 3.7 |