Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-14 | CVE-2021-25110 | Information Exposure vulnerability in Futuriowp Futurio Extra The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. | 4.3 |
| 2022-02-11 | CVE-2021-22785 | Information Exposure vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. | 7.5 |
| 2022-02-10 | CVE-2022-0018 | Information Exposure vulnerability in Paloaltonetworks Globalprotect An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. | 6.5 |
| 2022-02-09 | CVE-2021-0166 | Information Exposure vulnerability in Intel products Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2022-02-09 | CVE-2021-0170 | Information Exposure vulnerability in Intel products Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-02-09 | CVE-2022-22542 | Information Exposure vulnerability in SAP S/4Hana 104/105/106 S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality. | 6.5 |
| 2022-02-09 | CVE-2022-22545 | Information Exposure vulnerability in SAP Netweaver Abap A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756. | 4.9 |
| 2022-02-07 | CVE-2022-21712 | Information Exposure vulnerability in multiple products twisted is an event-driven networking engine written in Python. | 7.5 |
| 2022-02-07 | CVE-2022-0474 | Information Exposure vulnerability in Otrs Custom Contact Fields Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. | 3.5 |
| 2022-02-04 | CVE-2020-12966 | Information Exposure vulnerability in AMD products AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). | 5.5 |