Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-23 | CVE-2021-37036 | Information Exposure vulnerability in Huawei Ecns280 TD Firmware and Fusioncompute There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. | 2.1 |
| 2021-11-22 | CVE-2019-5640 | Information Exposure vulnerability in Rapid7 Nexpose Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous user | 5.0 |
| 2021-11-15 | CVE-2021-41271 | Information Exposure vulnerability in Discourse Discourse is a platform for community discussion. | 5.0 |
| 2021-11-15 | CVE-2020-12897 | Information Exposure vulnerability in AMD Radeon Software 20.11.2/20.7.1 Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass. | 2.1 |
| 2021-11-15 | CVE-2020-12899 | Information Exposure vulnerability in AMD Radeon Software 20.7.1 Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service. | 3.6 |
| 2021-11-15 | CVE-2021-38975 | Information Exposure vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request. | 4.0 |
| 2021-11-15 | CVE-2021-38976 | Information Exposure vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. | 2.1 |
| 2021-11-15 | CVE-2021-38978 | Information Exposure vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 4.3 |
| 2021-11-12 | CVE-2020-4146 | Information Exposure vulnerability in IBM Security Siteprotector System 3.1.1.0 IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. | 5.0 |
| 2021-11-12 | CVE-2021-42773 | Information Exposure vulnerability in Broadcom Emulex HBA Manager Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. | 5.0 |