Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-22 | CVE-2017-6514 | Information Exposure vulnerability in Wordpress 4.7.2 WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring. | 5.3 |
| 2019-05-22 | CVE-2018-1991 | Information Exposure vulnerability in IBM API Connect IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. | 2.7 |
| 2019-05-20 | CVE-2018-2005 | Information Exposure vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. | 3.3 |
| 2019-05-17 | CVE-2019-7353 | Information Exposure vulnerability in Gitlab An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. | 9.1 |
| 2019-05-15 | CVE-2019-10109 | Information Exposure vulnerability in Gitlab An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. | 5.3 |
| 2019-05-14 | CVE-2018-16656 | Information Exposure vulnerability in Kyocera Taskalfa 4002I Firmware and Taskalfa 6002I Firmware DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. | 7.5 |
| 2019-05-13 | CVE-2018-12301 | Information Exposure vulnerability in Seagate NAS OS 4.3.15.1 Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost. | 7.5 |
| 2019-05-10 | CVE-2019-5437 | Information Exposure vulnerability in Harpjs Harp Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge. | 5.3 |
| 2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 7.5 |
| 2019-05-10 | CVE-2017-12884 | Information Exposure vulnerability in Open-Xchange Appsuite OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. | 7.5 |