Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-31 | CVE-2016-5677 | Information Exposure vulnerability in multiple products NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request. | 7.5 |
| 2016-08-30 | CVE-2016-0397 | Information Exposure vulnerability in IBM Bigfix Webreports WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. | 5.9 |
| 2016-08-30 | CVE-2016-0292 | Information Exposure vulnerability in IBM Bigfix WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report. | 5.5 |
| 2016-08-26 | CVE-2016-4378 | Information Exposure vulnerability in HP XP7 Command View and XP 9000 Command View The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2016-08-26 | CVE-2016-1497 | Information Exposure vulnerability in F5 products The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors. | 4.9 |
| 2016-08-25 | CVE-2016-6231 | Information Exposure vulnerability in Kaspersky Safe Browser Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. | 5.9 |
| 2016-08-24 | CVE-2016-5812 | Information Exposure vulnerability in Moxa Oncell G3001 Firmware and Oncell G3100V2 Firmware Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. | 3.3 |
| 2016-08-23 | CVE-2016-6364 | Information Exposure vulnerability in Cisco Unified Communications Manager 11.5.0 The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855. | 7.5 |
| 2016-08-23 | CVE-2016-1477 | Information Exposure vulnerability in Cisco Connected Streaming Analytics 1.1.1Base Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | 6.5 |
| 2016-08-19 | CVE-2016-5390 | Information Exposure vulnerability in Theforeman Foreman Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the view_hosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces. | 5.3 |