Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2022-07-12 CVE-2011-4916 Information Exposure vulnerability in Linux Kernel
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
local
low complexity
linux CWE-200
2.1
2022-07-12 CVE-2022-35169 Information Exposure vulnerability in SAP Businessobjects Business Intelligence Platform 420/430
SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application.
network
low complexity
sap CWE-200
6.5
2022-07-12 CVE-2020-4159 Information Exposure vulnerability in IBM Qradar Network Security 5.4.0/5.5.0
IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system.
network
low complexity
ibm CWE-200
5.0
2022-07-12 CVE-2022-29900 Information Exposure vulnerability in multiple products
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
local
low complexity
xen debian fedoraproject amd CWE-200
2.1
2022-07-11 CVE-2022-31139 Information Exposure vulnerability in Unsafe Accessor Project Unsafe Accessor
UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe.
4.3
2022-07-05 CVE-2022-26365 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
xen linux fedoraproject CWE-200
3.6
2022-07-05 CVE-2022-33740 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
xen linux fedoraproject CWE-200
3.6
2022-07-05 CVE-2022-33741 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
xen linux fedoraproject CWE-200
3.6
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
xen linux fedoraproject CWE-200
3.6
2022-06-30 CVE-2021-38954 Information Exposure vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system.
network
low complexity
ibm CWE-200
4.0