Vulnerabilities > Information Exposure
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-01 | CVE-2015-7456 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors. | 6.5 |
2016-01-01 | CVE-2015-7445 | Information Exposure vulnerability in IBM products IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses. | 4.3 |
2016-01-01 | CVE-2015-7421 | Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3 Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420. | 3.7 |
2016-01-01 | CVE-2015-7420 | Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3 Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421. | 3.7 |
2015-12-31 | CVE-2015-7447 | Information Exposure vulnerability in IBM Websphere Portal IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Portal AccessControl REST API access restrictions and obtain sensitive information via unspecified vectors. | 5.3 |
2015-12-31 | CVE-2015-2913 | Information Exposure vulnerability in Orientdb 2.0.14/2.1.0 server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote attackers to predict a value by determining the internal state of the PRNG in this class. | 5.9 |
2015-12-31 | CVE-2015-2896 | Information Exposure vulnerability in Idera Uptime Infrastructure Monitor The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command. | 5.3 |
2015-12-31 | CVE-2014-4876 | Information Exposure vulnerability in Toshiba 4690 Operating System 6.3 Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138. | 3.7 |
2015-12-30 | CVE-2015-8703 | Information Exposure vulnerability in ZTE Zxhn H108N R1A Firmware and Zxv10 W300 Firmware ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248. | 6.5 |
2015-12-30 | CVE-2015-7787 | Information Exposure vulnerability in Asus Wl-330Nul Firmware 3.0.0.41 ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. | 4.3 |