Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-30625 | Information Exposure vulnerability in Chcnav P5E Gnss Firmware 4.1/4.2 Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. | 5.3 |
| 2022-07-14 | CVE-2022-2401 | Information Exposure vulnerability in Mattermost Server Unrestricted information disclosure of all users in Mattermost version 6.7.0 and earlier allows team members to access some sensitive information by directly accessing the APIs. | 6.5 |
| 2022-07-14 | CVE-2021-39019 | Information Exposure vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. | 6.5 |
| 2022-07-14 | CVE-2022-1662 | Information Exposure vulnerability in Convert2Rhel Project Convert2Rhel 0.24/0.25 In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. | 5.5 |
| 2022-07-12 | CVE-2011-4916 | Information Exposure vulnerability in Linux Kernel Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | 5.5 |
| 2022-07-12 | CVE-2022-35169 | Information Exposure vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application. | 6.0 |
| 2022-07-12 | CVE-2020-4159 | Information Exposure vulnerability in IBM Qradar Network Security 5.4.0/5.5.0 IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. | 7.5 |
| 2022-07-11 | CVE-2022-29512 | Information Exposure vulnerability in Cybozu Garoon Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege. | 6.5 |
| 2022-07-05 | CVE-2022-33741 | Information Exposure vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-07-05 | CVE-2022-33742 | Information Exposure vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |