Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-36151 | Information Exposure vulnerability in Apache Gobblin 0.15.0 In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. | 5.5 |
| 2022-02-04 | CVE-2021-38960 | Information Exposure vulnerability in IBM products IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. | 7.5 |
| 2022-01-28 | CVE-2021-22815 | Information Exposure vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. | 5.3 |
| 2022-01-28 | CVE-2021-22825 | Information Exposure vulnerability in Schneider-Electric products A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow an attacker to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. | 8.0 |
| 2022-01-28 | CVE-2021-31567 | Information Exposure vulnerability in Wpchill Download Monitor Authenticated (admin+) Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6). | 6.8 |
| 2022-01-28 | CVE-2021-40340 | Information Exposure vulnerability in Hitachi Linkone Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a misconfiguration in the ASP server exposes server and ASP.net information, an attacker that manages to exploit this vulnerability can use the exposed information as a reconnaissance for further exploitation. | 7.5 |
| 2022-01-26 | CVE-2021-29838 | Information Exposure vulnerability in IBM Security Guardium Insights 3.0.0 IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2022-01-26 | CVE-2021-44692 | Information Exposure vulnerability in Buddyboss BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. | 5.3 |
| 2022-01-25 | CVE-2021-40159 | Information Exposure vulnerability in Autodesk products An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process. | 7.8 |
| 2022-01-21 | CVE-2021-23195 | Information Exposure vulnerability in Fresenius-Kabi products Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. | 5.3 |