Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-31 | CVE-2016-2295 | Information Exposure vulnerability in Moxa products Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file. | 7.5 |
| 2016-05-30 | CVE-2016-2311 | Information Exposure vulnerability in Blackbox products Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors. | 6.5 |
| 2016-05-30 | CVE-2016-2025 | Information Exposure vulnerability in HP Service Manager HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components. | 7.5 |
| 2016-05-30 | CVE-2016-2023 | Information Exposure vulnerability in HP Restful Interface Tool 1.40 HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. | 5.5 |
| 2016-05-29 | CVE-2016-1404 | Information Exposure vulnerability in Cisco UCS Invicta C3124Sa Appliance Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by sniffing network traffic to an Autosupport server and leveraging knowledge of this key from another installation, aka Bug ID CSCur85504. | 7.5 |
| 2016-05-28 | CVE-2016-1410 | Information Exposure vulnerability in Cisco Webex Meeting Center Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312. | 7.5 |
| 2016-05-23 | CVE-2016-3664 | Information Exposure vulnerability in Trend Micro Mobile Security 3.1 Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate. | 7.4 |
| 2016-05-23 | CVE-2016-4913 | Information Exposure vulnerability in multiple products The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. | 7.8 |
| 2016-05-23 | CVE-2016-4580 | Information Exposure vulnerability in multiple products The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request. | 7.5 |
| 2016-05-23 | CVE-2016-4578 | Information Exposure vulnerability in multiple products sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. | 5.5 |