Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2015-12-27 CVE-2015-8252 Information Exposure vulnerability in RSI Video Technologies Frontel Protocol 2.0
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number.
network
high complexity
rsi-video-technologies CWE-200
5.9
2015-12-26 CVE-2015-8669 Information Exposure vulnerability in PHPmyadmin
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
network
low complexity
phpmyadmin CWE-200
5.3
2015-12-26 CVE-2015-6409 Information Exposure vulnerability in Cisco Jabber 10.6(2)
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.
network
high complexity
cisco CWE-200
5.9
2015-12-24 CVE-2015-7934 Information Exposure vulnerability in Adcon A840 Telemetry Gateway Base Station Firmware
The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors.
network
low complexity
adcon CWE-200
8.6
2015-12-24 CVE-2015-7932 Information Exposure vulnerability in Adcon A840 Telemetry Gateway Base Station Firmware
Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to obtain sensitive information by sniffing the network.
network
low complexity
adcon CWE-200
8.6
2015-12-23 CVE-2015-7929 Information Exposure vulnerability in Ewon Firmware 10.0S0
eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
network
low complexity
ewon CWE-200
4.3
2015-12-23 CVE-2015-7928 Information Exposure vulnerability in Ewon Firmware 10.0S0
eWON devices with firmware before 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
network
low complexity
ewon CWE-200
8.5
2015-12-23 CVE-2015-7926 Information Exposure vulnerability in Ewon Firmware 10.0S0
eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL.
network
low complexity
ewon CWE-200
critical
9.9
2015-12-23 CVE-2015-7935 Information Exposure vulnerability in Motorola Moscad IP Gateway Firmware
Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
motorola CWE-200
7.5
2015-12-23 CVE-2015-6471 Information Exposure vulnerability in Eaton Proview
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
network
low complexity
eaton CWE-200
5.3