SmartClient 120 Information Disclosure / XML Injection / LFI / Code Execution
SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.
ManageEngine EventLog Analyzer 10.0 Information Disclosure
ManageEngine EventLog Analyzer version 10.0 suffers from an information disclosure vulnerability.
Citrix Gateway 11.1 / 12.0 / 12.1 Information Disclosure
Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from an information disclosure vulnerability.
HP ThinPro 6.x / 7.x Information Disclosure
HP ThinPro versions 7.1, 7.0, 6.2.1, and 6.2 suffer from a local physical access information disclosure vulnerability.
MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution
MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross site scripting, server-side request forgery, and information disclosure vulnerabilities.
Swift File Transfer Mobile Cross Site Scripting / Information Disclosure
The Swift File Transfer mobile application for iOS, BlackBerry and Android suffers from cross site scripting and information disclosure vulnerabilities.
Edimax EW-7438RPn Information Disclosure
File Explorer 1.4 Information Disclosure
File Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.
webERP 4.15.1 Backup Disclosure
webERP version 4.15.1 suffers from an unauthenticated backup file disclosure vulnerability.
Cisco Discovery Protocol (CDP) Remote Device Takeover
Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices.
IRIX Local Kernel Memory Disclosure / Denial Of Service
IRIX suffers from local kernel memory disclosure and denial of service vulnerabilities.
pc-1.1-dist.zip
PalmCrack, the password testing tool for the Palm Computing Platform. Designed to help security professionals determine the strength of passwords, PalmCrack is able to check UNIX and NT passwords against a dictionary and decrypt certain Cisco router passwords. PalmCrack runs on PalmOS 2 and PalmOS 3 devices, including the PalmPilot Professional through the PalmVII and the IBM WorkPad series.
SkyWrapper Discovery Tool
SkyWrapper is a tool from CyberArk that helps to discover suspicious creation forms and uses of temporary tokens in AWS.
Solaris xlock Information Disclosure
A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.
Avast Anti-Virus Local Credential Disclosure
Avast Anti-Virus versions prior to 19.1.2360 suffer from a local credential disclosure vulnerability.
Apple iPhone 4 Passphrase Disclosure
Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it.
Vopium Clear Text Disclosure
Vopium for Android and iPhone leaks various data such as your password by passing it in the clear.
Air Disk Wireless 1.9 LFI / Command Injection
Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities.
DAWIN - Distributed Audit and Wireless Intrusion Notification
DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.
DAWIN - Distributed Audit and Wireless Intrusion Notification 2.0
DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.
TRENDnet TEW-818RDU PIN Disclosure
FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure
The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure
An exploitable information disclosure vulnerability exists in the ACEManager Embedded_Ace_Get_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to, plaintext passwords and SNMP community strings. An attacker can make an authenticated HTTP request, or run the binary, to trigger this vulnerability.
Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure
An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information leak, resulting in the disclosure of internal paths and files. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Rifatron Intelligent Digital Security System (animate.cgi) Stream Disclosure
The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when the animate.cgi script is called through the Mobile Web Viewer module.