Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-14 | CVE-2018-16656 | Information Exposure vulnerability in Kyocera Taskalfa 4002I Firmware and Taskalfa 6002I Firmware DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. | 7.5 |
| 2019-05-13 | CVE-2018-12301 | Information Exposure vulnerability in Seagate NAS OS 4.3.15.1 Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost. | 7.5 |
| 2019-05-10 | CVE-2019-5437 | Information Exposure vulnerability in Harpjs Harp Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge. | 5.3 |
| 2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 7.5 |
| 2019-05-10 | CVE-2017-12884 | Information Exposure vulnerability in Open-Xchange Appsuite OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. | 7.5 |
| 2019-05-10 | CVE-2018-1990 | Information Exposure vulnerability in IBM Cloud APP Management 2018.2.0/2018.4.0/2018.4.1 IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request. | 5.3 |
| 2019-05-09 | CVE-2016-1600 | Information Exposure vulnerability in Microfocus Identity Manager The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | 7.5 |
| 2019-05-07 | CVE-2018-2008 | Information Exposure vulnerability in IBM Tririga Application Platform 3.5.3.0/3.6.0.0 IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. | 4.3 |
| 2019-05-07 | CVE-2018-19456 | Information Exposure vulnerability in multiple products The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. | 7.5 |
| 2019-05-07 | CVE-2018-13991 | Information Exposure vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | 5.3 |