Vulnerabilities > Information Exposure
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-18 | CVE-2023-45912 | Information Exposure vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723 WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings. | 7.5 |
2023-10-17 | CVE-2023-45803 | Information Exposure vulnerability in multiple products urllib3 is a user-friendly HTTP client library for Python. | 4.2 |
2023-10-17 | CVE-2023-41752 | Information Exposure vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue. | 7.5 |
2023-10-14 | CVE-2023-5579 | Information Exposure vulnerability in Yzh66 Sandbox 6.1.0 A vulnerability was found in yhz66 Sandbox 6.1.0. | 6.5 |
2023-10-14 | CVE-2023-42780 | Information Exposure vulnerability in Apache Airflow Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. | 6.5 |
2023-10-13 | CVE-2023-39999 | Information Exposure vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38. | 4.3 |
2023-10-12 | CVE-2023-45143 | Information Exposure vulnerability in multiple products Undici is an HTTP/1.1 client written from scratch for Node.js. | 3.5 |
2023-10-11 | CVE-2023-44187 | Information Exposure vulnerability in Juniper Junos OS Evolved An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. | 5.5 |
2023-10-11 | CVE-2023-44097 | Information Exposure vulnerability in Huawei Emui and Harmonyos Vulnerability of the permission to access device SNs being improperly managed.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
2023-10-10 | CVE-2023-42475 | Information Exposure vulnerability in SAP S/4Hana The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. | 4.3 |