Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-12 | CVE-2021-21469 | Information Exposure vulnerability in SAP Netweaver Master Data Management 7.10/7.10.750/710 When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. | 7.5 |
| 2021-01-06 | CVE-2020-4336 | Information Exposure vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL parameters. | 5.3 |
| 2021-01-01 | CVE-2020-35934 | Information Exposure vulnerability in Vasyltech Advanced Access Manager The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). | 4.3 |
| 2020-12-28 | CVE-2020-35611 | Information Exposure vulnerability in Joomla Joomla! An issue was discovered in Joomla! 2.5.0 through 3.9.22. | 7.5 |
| 2020-12-25 | CVE-2020-35710 | Information Exposure vulnerability in Parallels Remote Application Server 18.0 Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value. | 5.3 |
| 2020-12-23 | CVE-2020-25192 | Information Exposure vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization. | 5.3 |
| 2020-12-17 | CVE-2020-12518 | Information Exposure vulnerability in Phoenixcontact Plcnext Firmware On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks. | 5.5 |
| 2020-12-16 | CVE-2020-4908 | Information Exposure vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. | 5.3 |
| 2020-12-14 | CVE-2020-8169 | Information Exposure vulnerability in multiple products curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). | 7.5 |
| 2020-12-14 | CVE-2020-25179 | Information Exposure vulnerability in Gehealthcare products GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | 9.8 |