Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-27134 | Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
| 2020-12-11 | CVE-2020-26417 | Information Exposure vulnerability in Gitlab Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. | 5.3 |
| 2020-12-11 | CVE-2020-26413 | Information Exposure vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. | 5.3 |
| 2020-12-08 | CVE-2020-9849 | Information Exposure vulnerability in Apple products An information disclosure issue was addressed with improved state management. | 6.5 |
| 2020-12-03 | CVE-2020-17527 | Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. | 7.5 |
| 2020-12-03 | CVE-2020-5676 | Information Exposure vulnerability in Weseek Growi GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. | 7.5 |
| 2020-11-26 | CVE-2020-29043 | Information Exposure vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. | 7.5 |
| 2020-11-24 | CVE-2020-28333 | Information Exposure vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices allow Authentication Bypass. | 9.8 |
| 2020-11-19 | CVE-2020-12496 | Information Exposure vulnerability in Endress products Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. | 6.5 |
| 2020-11-19 | CVE-2020-25703 | Information Exposure vulnerability in multiple products The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. | 5.3 |