Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-28 | CVE-2013-6014 | Information Exposure vulnerability in Juniper Junos Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message. | 9.3 |
| 2012-05-24 | CVE-2011-2898 | Information Exposure vulnerability in Linux Kernel net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application. | 5.5 |
| 2012-05-24 | CVE-2011-2707 | Information Exposure vulnerability in Linux Kernel The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request. | 6.0 |
| 2010-09-30 | CVE-2010-2943 | Information Exposure vulnerability in multiple products The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | 8.1 |
| 2010-09-30 | CVE-2010-2538 | Information Exposure vulnerability in multiple products Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call. | 5.5 |
| 2010-09-21 | CVE-2010-3078 | Information Exposure vulnerability in multiple products The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | 5.5 |
| 2009-06-05 | CVE-2009-0783 | Information Exposure vulnerability in Apache Tomcat Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. | 4.2 |
| 2007-05-03 | CVE-2007-2479 | Information Exposure vulnerability in Cerulean Studios Trillian 3.1 Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker. | 5.9 |
| 1997-01-01 | CVE-1999-0236 | Information Exposure vulnerability in multiple products ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | 7.5 |