Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-24 | CVE-2016-5812 | Information Exposure vulnerability in Moxa Oncell G3001 Firmware and Oncell G3100V2 Firmware Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. | 3.3 |
| 2016-08-23 | CVE-2016-6364 | Information Exposure vulnerability in Cisco Unified Communications Manager 11.5.0 The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855. | 7.5 |
| 2016-08-23 | CVE-2016-1477 | Information Exposure vulnerability in Cisco Connected Streaming Analytics 1.1.1Base Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | 6.5 |
| 2016-08-19 | CVE-2016-5390 | Information Exposure vulnerability in Theforeman Foreman Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the view_hosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces. | 5.3 |
| 2016-08-19 | CVE-2016-4995 | Information Exposure vulnerability in Theforeman Foreman Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information via a URL with a hostname. | 5.3 |
| 2016-08-10 | CVE-2013-7458 | Information Exposure vulnerability in multiple products linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. | 3.3 |
| 2016-08-09 | CVE-2016-3329 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability." | 5.3 |
| 2016-08-09 | CVE-2016-3327 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326. | 5.3 |
| 2016-08-09 | CVE-2016-3326 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327. | 5.3 |
| 2016-08-09 | CVE-2016-3321 | Information Exposure vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability." | 2.5 |