Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-14 | CVE-2021-20582 | Information Exposure vulnerability in IBM Security Secret Server IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. | 5.3 |
| 2021-09-09 | CVE-2021-34771 | Information Exposure vulnerability in Cisco IOS XR A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2021-08-25 | CVE-2021-40086 | Information Exposure vulnerability in Primekey Ejbca An issue was discovered in PrimeKey EJBCA before 7.6.0. | 2.2 |
| 2021-08-20 | CVE-2021-21823 | Information Exposure vulnerability in Komoot 10.26.9/11.0.14/11.1.11 An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. | 7.5 |
| 2021-08-18 | CVE-2021-34749 | Information Exposure vulnerability in Cisco products A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. | 8.6 |
| 2021-08-15 | CVE-2021-37326 | Information Exposure vulnerability in Netsarang Xshell 7 NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations. | 5.3 |
| 2021-08-13 | CVE-2021-36793 | Information Exposure vulnerability in Routes Project Routes The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output. | 7.5 |
| 2021-08-09 | CVE-2021-21584 | Information Exposure vulnerability in Dell products Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. | 6.5 |
| 2021-08-09 | CVE-2015-7731 | Information Exposure vulnerability in SAP Mobile Platform 3.0 SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830. | 5.5 |
| 2021-08-06 | CVE-2021-20594 | Information Exposure vulnerability in Mitsubishielectric products Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via brute-force attack on user names. | 7.5 |