Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-23067 Information Exposure vulnerability in Tooljet
ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover .
network
tooljet CWE-200
6.8
2022-05-17 CVE-2022-23671 Information Exposure vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-200
5.0
2022-05-13 CVE-2022-22325 Information Exposure vulnerability in IBM MQ for HPE Nonstop 8.1.0
IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace.
local
ibm CWE-200
1.9
2022-05-12 CVE-2022-1650 Information Exposure vulnerability in Eventsource
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository eventsource/eventsource prior to v2.0.2.
5.8
2022-05-11 CVE-2022-29846 Information Exposure vulnerability in Ipswitch Whatsup Gold 22.0.0
In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number.
network
low complexity
ipswitch CWE-200
5.0
2022-05-05 CVE-2022-25990 Information Exposure vulnerability in F5 F5Os-A 1.0.0
On 1.0.x versions prior to 1.0.1, systems running F5OS-A software may expose certain registry ports externally.
network
low complexity
f5 CWE-200
5.0
2022-05-05 CVE-2022-27875 Information Exposure vulnerability in F5 Access for Android
On F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information.
network
f5 CWE-200
4.3
2022-05-05 CVE-2021-39020 Information Exposure vulnerability in IBM Guardium Data Encryption
IBM Guardium Data Encryption (GDE) 4.0.0.7 and lower stores sensitive information in URL parameters.
network
low complexity
ibm CWE-200
5.0
2022-05-04 CVE-2022-20734 Information Exposure vulnerability in Cisco Sd-Wan Vmanage 20.6
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system.
local
low complexity
cisco CWE-200
4.9
2022-05-04 CVE-2022-25787 Information Exposure vulnerability in Secomea products
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection.
local
low complexity
secomea CWE-200
4.6