298 matches found
Microsoft Windows Kernel CVE-2018-0830 Local Information Disclosure Vulnerability
Description: Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected: Microsoft Windows 10 Version 1607 for 32-bit Systems, Microsoft Windows 10 Version...
Cisco Data Center Analytics Framework Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is du...
Apache Default Index Page
The remote web server uses the default Apache index page. This page may contain some sensitive data like the server root and installation paths. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(106230); script_version("1.6");...
Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...
Information Disclosure
logstash-core is vulnerable to information disclosure. When deprecated config settings are being used, logstash may log sensitive information...
Information disclosure
The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Stack overflow
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h...
CVE-2017-1507
CVE-2017-1507 corresponds to an information-disclosure vulnerability in IBM Jazz Foundation/CLM stack (e.g., Rational CLM, RTC, RQM, DOORS Next Gen, etc.) where a scan could leak sensitive data. Affected versions include Rational CLM/RCS/RTC/RQM families from 4.0 up to 6.0.4, with remediation via...
Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16404)
An Out-of-bounds Read vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to the computation that writes data past the end of the intended buffer. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code...
Trend Micro Control Manager TreeUserControl_process_tree_event XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...
CVE-2017-14680
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document...
X (Formerly Twitter): Sensitive Information Disclosure https://cards-dev.twitter.com
Dear Twitter Team, While researching through one of your domains, cards-dev.twitter.com, I discovered that the host is disclosing sensitive information when a user browses to a specific directory https://cards-dev.twitter.com:443/keys/. The application downloads a file json.json which discloses the...
CVE-2017-6793
The CVE-2017-6793 entry concerns Cisco Prime Collaboration Provisioning Tool, specifically its Inventory Management feature. A vulnerability arises from insufficient protection of restricted information, enabling an authenticated, remote attacker to view sensitive data through the user interface....
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2017-8919
NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors...
Microsoft Windows CVE-2017-8557 Local XML External Entity Information Disclosure Vulnerability
Description: Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected: Microsoft Windows 10 Version 1607 for 32-bit Systems, Microsoft Windows 10 Versi...
CVE-2017-6706
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1...
CVE-2017-9868
In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information...
Microsoft Windows Kernel CVE-2017-8474 Local Information Disclosure Vulnerability
Description: Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected: Microsoft Windows 10 Version 1607 for 32-bit Systems, Microsoft Windows 10 Versi...