Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-02 | CVE-2022-22303 | Information Exposure vulnerability in Fortinet Fortimanager An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file. | 5.5 |
| 2022-02-24 | CVE-2022-24633 | Information Exposure vulnerability in Filecloud All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. | 5.3 |
| 2022-02-21 | CVE-2022-0708 | Information Exposure vulnerability in Mattermost Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure. | 6.5 |
| 2022-02-21 | CVE-2022-23984 | Information Exposure vulnerability in Gvectors Wpdiscuz Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). | 7.5 |
| 2022-02-18 | CVE-2022-0672 | Information Exposure vulnerability in Eclipse Lemminx A flaw was found in LemMinX in versions prior to 0.19.0. | 5.5 |
| 2022-02-18 | CVE-2022-23982 | Information Exposure vulnerability in Quadlayers Perfect Brands for Woocommerce The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. | 7.5 |
| 2022-02-14 | CVE-2021-45310 | Information Exposure vulnerability in Sangoma Switchvox 102409 Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. | 5.3 |
| 2022-02-14 | CVE-2021-45421 | Information Exposure vulnerability in Emerson Dixell Xweb-500 Firmware Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. | 7.5 |
| 2022-02-11 | CVE-2021-22785 | Information Exposure vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. | 7.5 |
| 2022-02-10 | CVE-2022-0018 | Information Exposure vulnerability in Paloaltonetworks Globalprotect An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. | 6.5 |