Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2018-04-09 CVE-2017-2826 Information Exposure vulnerability in multiple products
An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X.
network
high complexity
zabbix debian CWE-200
3.7
3.7
2018-04-05 CVE-2018-1315 Incorrect Permission Assignment for Critical Resource vulnerability in Apache Hive
In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from.
network
high complexity
apache CWE-732
3.7
3.7
2018-04-05 CVE-2018-1284 Information Exposure vulnerability in Apache Hive
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user (usually hive) if hive.server2.enable.doAs=false.
network
high complexity
apache CWE-200
3.7
3.7
2018-04-05 CVE-2018-1000150 Information Exposure vulnerability in Jenkins Reverse Proxy Auth
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.
local
low complexity
jenkins CWE-200
3.3
3.3
2018-04-04 CVE-2017-6426 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm SPMI driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-04 CVE-2017-6425 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm video driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-04 CVE-2017-1733 Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm CWE-532
3.3
3.3
2018-04-04 CVE-2016-10236 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm USB driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-03 CVE-2018-4123 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2018-04-03 CVE-2017-13877 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-200
3.3
3.3