Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-46150 | Information Exposure vulnerability in Discourse Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-23 | CVE-2022-38113 | Information Exposure vulnerability in Solarwinds Security Event Manager 2022.4 This vulnerability discloses build and services versions in the server response header. | 5.3 |
| 2022-11-19 | CVE-2022-41939 | Information Exposure vulnerability in Linuxfoundation Knative Func knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. | 7.4 |
| 2022-11-15 | CVE-2022-42132 | Information Exposure vulnerability in Liferay Digital Experience Platform 7.0/7.1/7.2 The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, which allows man-in-the-middle attackers or attackers with access to the request logs to see the LDAP credential. | 5.9 |
| 2022-11-14 | CVE-2022-27949 | Information Exposure vulnerability in Apache Airflow A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and previous instances of the task failed). | 7.5 |
| 2022-11-02 | CVE-2022-33878 | Information Exposure vulnerability in Fortinet Forticlient An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal. | 5.5 |
| 2022-11-02 | CVE-2022-35842 | Information Exposure vulnerability in Fortinet Fortios An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS. | 7.5 |
| 2022-10-27 | CVE-2021-45475 | Information Exposure vulnerability in Yordam Library Automation System Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability. | 5.3 |
| 2022-10-25 | CVE-2022-27912 | Information Exposure vulnerability in Joomla Joomla! An issue was discovered in Joomla! 4.0.0 through 4.2.3. | 5.3 |
| 2022-10-17 | CVE-2020-8975 | Information Exposure vulnerability in Zigor ZGR Tps200 NG Firmware 2.00 ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes (URIs) used by the application, to access sensitive information about the system. | 7.5 |