Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-37036 Information Exposure vulnerability in Huawei Ecns280 TD Firmware and Fusioncompute
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10.
local
low complexity
huawei CWE-200
2.1
2021-11-22 CVE-2019-5640 Information Exposure vulnerability in Rapid7 Nexpose
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous user
network
low complexity
rapid7 CWE-200
5.0
2021-11-15 CVE-2021-41271 Information Exposure vulnerability in Discourse
Discourse is a platform for community discussion.
network
low complexity
discourse CWE-200
5.0
2021-11-15 CVE-2020-12897 Information Exposure vulnerability in AMD Radeon Software 20.11.2/20.7.1
Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
local
low complexity
amd CWE-200
2.1
2021-11-15 CVE-2020-12899 Information Exposure vulnerability in AMD Radeon Software 20.7.1
Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.
local
low complexity
amd CWE-200
3.6
2021-11-15 CVE-2021-38975 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request.
network
low complexity
ibm CWE-200
4.0
2021-11-15 CVE-2021-38976 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-200
2.1
2021-11-15 CVE-2021-38978 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
ibm CWE-200
4.3
2021-11-12 CVE-2020-4146 Information Exposure vulnerability in IBM Security Siteprotector System 3.1.1.0
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag.
network
low complexity
ibm CWE-200
5.0
2021-11-12 CVE-2021-42773 Information Exposure vulnerability in Broadcom Emulex HBA Manager
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command.
network
low complexity
broadcom CWE-200
5.0