Vulnerabilities > Information Exposure
|2023-01-20||CVE-2021-39089|| Information Exposure vulnerability in IBM Cloud PAK for Security 126.96.36.199/188.8.131.52 |
IBM Cloud Pak for Security (CP4S) 184.108.40.206 through 220.127.116.11 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request.
| 6.5 |
|2023-01-19||CVE-2022-39167|| Information Exposure vulnerability in IBM Spectrum Virtualize |
IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques.
| 5.9 |
|2023-01-17||CVE-2023-22875|| Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.4.0/7.5.0 |
IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key.
| 7.5 |
|2023-01-17||CVE-2022-3091|| Information Exposure vulnerability in Ronds Equipment Predictive Maintenance 1.19.5 |
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials.
| 7.5 |
|2023-01-10||CVE-2023-0023|| Information Exposure vulnerability in SAP Bank Account Management 800/900 |
In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL.
| 5.7 |
|2023-01-07||CVE-2023-0113|| Information Exposure vulnerability in Netis-Systems Netcore Router Firmware |
A vulnerability was found in Netis Netcore Router.
| 7.5 |
|2023-01-05||CVE-2023-22453|| Information Exposure vulnerability in Discourse |
Discourse is an option source discussion platform.
| 5.3 |
|2023-01-05||CVE-2022-23546|| Information Exposure vulnerability in Discourse |
In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information.
| 5.5 |
|2023-01-05||CVE-2022-43573|| Information Exposure vulnerability in IBM products |
IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects.
| 5.3 |
|2023-01-05||CVE-2022-43539|| Information Exposure vulnerability in Arubanetworks Clearpass Policy Manager |
A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information.
| 4.5 |