Vulnerabilities > Information Exposure

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2016-06-27 | CVE-2014-9903 | Information Exposure vulnerability in Linux Kernel 3.14 | The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call. | local | low | linux | CWE-200 | 5.5 |
| 2016-06-26 | CVE-2016-0259 | Information Exposure vulnerability in IBM Websphere MQ | runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands. | local | high | ibm | CWE-200 | 2.5 |
| 2016-06-25 | CVE-2016-1193 | Information Exposure vulnerability in Cybozu Garoon | Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. | network | low | cybozu | CWE-200 | 7.5 |
| 2016-06-24 | CVE-2016-5722 | Information Exposure vulnerability in Huawei Ocean Stor Firmware | Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network. | network | low | huawei | CWE-200 | 7.3 |
| 2016-06-24 | CVE-2016-5709 | Information Exposure vulnerability in Solarwinds Virtualization Manager 6.3.1 | SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack. | local | high | solarwinds | CWE-200 | 4.7 |
| 2016-06-24 | CVE-2016-5021 | Information Exposure vulnerability in F5 products | The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors. | network | low | f5 | CWE-200 | 4.9 |
| 2016-06-20 | CVE-2015-8289 | Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware | The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | network | low | netgear | CWE-200 | 7.5 |
| 2016-06-19 | CVE-2016-1864 | Information Exposure vulnerability in Apple Safari | The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL. | network | low | apple | CWE-200 | 4.3 |
| 2016-06-19 | CVE-2016-1196 | Information Exposure vulnerability in Cybozu Garoon | Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776. | network | low | cybozu | CWE-200 | 4.3 |
| 2016-06-19 | CVE-2016-1192 | Information Exposure vulnerability in Cybozu Garoon | Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. | network | low | cybozu | CWE-200 | 4.3 |