Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-06-24 | CVE-2016-5021 | Information Exposure vulnerability in F5 products The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors. | 4.9 |
| 2016-06-20 | CVE-2015-8289 | Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | 7.5 |
| 2016-06-19 | CVE-2016-1864 | Information Exposure vulnerability in Apple Safari The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL. | 4.3 |
| 2016-06-19 | CVE-2016-1196 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776. | 4.3 |
| 2016-06-19 | CVE-2016-1192 | Information Exposure vulnerability in Cybozu Garoon Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. | 4.3 |
| 2016-06-19 | CVE-2015-7776 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196. | 4.3 |
| 2016-06-19 | CVE-2015-7462 | Information Exposure vulnerability in IBM Websphere MQ 8.0.0.4 IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program. | 4.4 |
| 2016-06-19 | CVE-2016-1225 | Information Exposure vulnerability in Trendmicro Internet Security 10.0/8.0 Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors. | 6.5 |
| 2016-06-19 | CVE-2016-4816 | Information Exposure vulnerability in Buffalo products BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors. | 6.5 |
| 2016-06-18 | CVE-2016-1427 | Information Exposure vulnerability in Cisco Prime Network Registrar The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694. | 7.5 |