Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2022-43959 | Information Exposure vulnerability in Bitrix24 20.0.0/20.0.975/22.0.300 Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php. | 4.9 |
| 2023-01-18 | CVE-2022-45103 | Information Exposure vulnerability in Dell products Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. | 6.5 |
| 2023-01-17 | CVE-2023-22875 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.4.0/7.5.0 IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. | 7.5 |
| 2023-01-17 | CVE-2022-3091 | Information Exposure vulnerability in Ronds Equipment Predictive Maintenance 1.19.5 RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. | 7.5 |
| 2023-01-10 | CVE-2023-0023 | Information Exposure vulnerability in SAP Bank Account Management 800/900 In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. | 5.7 |
| 2023-01-07 | CVE-2023-0113 | Information Exposure vulnerability in Netis-Systems Netcore Router Firmware A vulnerability was found in Netis Netcore Router up to 2.2.6. | 7.5 |
| 2023-01-05 | CVE-2023-22453 | Information Exposure vulnerability in Discourse Discourse is an option source discussion platform. | 5.3 |
| 2023-01-05 | CVE-2022-23546 | Information Exposure vulnerability in Discourse In version 2.9.0.beta14 of Discourse, an open-source discussion platform, maliciously embedded urls can leak an admin's digest of recent topics, possibly exposing private information. | 5.5 |
| 2023-01-05 | CVE-2022-43573 | Information Exposure vulnerability in IBM products IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. | 5.3 |
| 2023-01-04 | CVE-2022-46081 | Information Exposure vulnerability in Garmin Connect 4.61 In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. | 7.5 |