Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-12 | CVE-2016-0823 | Information Exposure vulnerability in multiple products The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721. | 4.0 |
| 2016-03-12 | CVE-2016-1562 | Information Exposure vulnerability in DTE Energy Insight 1.7.7 The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. | 4.3 |
| 2016-03-12 | CVE-2016-1360 | Information Exposure vulnerability in Cisco Prime LAN Management Solution Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390. | 7.1 |
| 2016-03-12 | CVE-2015-6485 | Information Exposure vulnerability in Schneider-Electric Telvent RTU Firmware C3413500001D3/C3414500S02J1 Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet. | 5.3 |
| 2016-03-09 | CVE-2016-0886 | Information Exposure vulnerability in EMC Documentum XCP 2.1/2.2 EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call. | 4.3 |
| 2016-03-09 | CVE-2016-1325 | Information Exposure vulnerability in Cisco Dpc3939 Wireless Residential Voice Gateway Firmware 130514Acmcstbase The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | 7.5 |
| 2016-03-09 | CVE-2016-0125 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 3.1 |
| 2016-03-06 | CVE-2016-2845 | Information Exposure vulnerability in Google Chrome The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remote attackers to obtain sensitive information about visited web pages by reading CSP violation reports, related to FrameFetchContext.cpp and ResourceFetcher.cpp. | 5.3 |
| 2016-03-06 | CVE-2016-1637 | Information Exposure vulnerability in Google Chrome The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain sensitive information via a crafted web site. | 6.5 |
| 2016-03-04 | CVE-2016-2244 | Information Exposure vulnerability in HP Futuresmart Firmware 3.7 HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | 5.9 |