Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2020-35568 | Information Exposure vulnerability in multiple products An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. | 4.3 |
| 2021-02-08 | CVE-2021-21435 | Information Exposure vulnerability in Otrs Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. | 6.5 |
| 2021-02-08 | CVE-2020-1779 | Information Exposure vulnerability in Otrs Ticket Forms When dynamic templates are used (OTRSTicketForms), admin can use OTRS tags which are not masked properly and can reveal sensitive information. | 4.9 |
| 2021-02-04 | CVE-2020-4640 | Information Exposure vulnerability in IBM API Connect Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. | 4.1 |
| 2021-02-02 | CVE-2020-14192 | Information Exposure vulnerability in Atlassian Crucible Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. | 4.3 |
| 2021-01-28 | CVE-2021-26067 | Information Exposure vulnerability in Atlassian Bamboo Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. | 5.3 |
| 2021-01-27 | CVE-2020-4967 | Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. | 4.3 |
| 2021-01-27 | CVE-2020-4815 | Information Exposure vulnerability in IBM Cloud PAK for Security 1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system. | 5.3 |
| 2021-01-21 | CVE-2020-3687 | Information Exposure vulnerability in Qualcomm Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue. | 5.5 |
| 2021-01-20 | CVE-2020-19363 | Information Exposure vulnerability in Vtiger CRM 7.2.0 Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories. | 6.5 |