Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2017-07-21 CVE-2017-1381 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served.
local
low complexity
ibm CWE-200
3.3
3.3
2017-07-20 CVE-2017-7058 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2017-07-12 CVE-2017-9843 Unspecified vulnerability in SAP Netweaver Abap 7.40
SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841.
network
low complexity
sap
2.7
2.7
2017-07-06 CVE-2017-0709 Information Exposure vulnerability in Google Android 7.1.2
A information disclosure vulnerability in the HTC sensor hub driver.
local
low complexity
google CWE-200
3.3
3.3
2017-07-05 CVE-2017-1144 Untrusted Search Path vulnerability in IBM Integration BUS and Websphere Message Broker
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting.
local
high complexity
ibm CWE-426
2.5
2.5
2017-07-05 CVE-2017-1176 Information Exposure vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments.
local
low complexity
ibm CWE-200
3.3
3.3
2017-07-05 CVE-2016-0238 Information Exposure vulnerability in IBM Security Guardium
IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request.
network
high complexity
ibm CWE-200
3.7
3.7
2017-06-15 CVE-2017-5244 Cross-Site Request Forgery (CSRF) vulnerability in Rapid7 Metasploit
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests.
network
low complexity
rapid7 CWE-352
3.5
3.5
2017-06-13 CVE-2015-9032 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
local
low complexity
google CWE-200
3.3
3.3
2017-06-13 CVE-2015-9031 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP.
local
low complexity
google CWE-200
3.3
3.3