Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2021-26566 | Information Exposure vulnerability in Synology products Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. | 9.0 |
| 2021-02-26 | CVE-2020-28199 | Information Exposure vulnerability in Bestit Amazon PAY best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor. | 9.1 |
| 2021-02-24 | CVE-2021-21621 | Information Exposure vulnerability in Jenkins Support Core Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID of the user creating the support bundle in some configurations. | 5.3 |
| 2021-02-24 | CVE-2021-20656 | Information Exposure vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.0/6.00 Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors. | 4.3 |
| 2021-02-23 | CVE-2021-26593 | Information Exposure vulnerability in Rangerstudio Directus In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. | 7.5 |
| 2021-02-23 | CVE-2020-4953 | Information Exposure vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about an organization's internal structure by exposing sensitive information in HTTP repsonses. | 4.3 |
| 2021-02-23 | CVE-2020-29075 | Information Exposure vulnerability in Adobe products Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. | 6.5 |
| 2021-02-22 | CVE-2020-11281 | Information Exposure vulnerability in Qualcomm products Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. | 7.5 |
| 2021-02-22 | CVE-2020-35681 | Information Exposure vulnerability in Djangoproject Channels 3.0.0/3.0.1/3.0.2 Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. | 7.4 |
| 2021-02-19 | CVE-2021-21512 | Information Exposure vulnerability in Dell EMC Powerprotect Cyber Recovery 19.7.0.1 Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. | 6.0 |