Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-45912 Information Exposure vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.
network
low complexity
wipotec CWE-200
7.5
2023-10-17 CVE-2023-45803 Information Exposure vulnerability in multiple products
urllib3 is a user-friendly HTTP client library for Python.
high complexity
python fedoraproject CWE-200
4.2
2023-10-17 CVE-2023-41752 Information Exposure vulnerability in multiple products
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue.
network
low complexity
apache fedoraproject CWE-200
7.5
2023-10-14 CVE-2023-5579 Information Exposure vulnerability in Yzh66 Sandbox 6.1.0
A vulnerability was found in yhz66 Sandbox 6.1.0.
low complexity
yzh66 CWE-200
6.5
2023-10-14 CVE-2023-42780 Information Exposure vulnerability in Apache Airflow
Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs.
network
low complexity
apache CWE-200
6.5
2023-10-13 CVE-2023-39999 Information Exposure vulnerability in multiple products
Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.
network
low complexity
wordpress fedoraproject CWE-200
4.3
2023-10-12 CVE-2023-45143 Information Exposure vulnerability in multiple products
Undici is an HTTP/1.1 client written from scratch for Node.js.
network
low complexity
nodejs fedoraproject CWE-200
3.5
2023-10-11 CVE-2023-44187 Information Exposure vulnerability in Juniper Junos OS Evolved
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line.
local
low complexity
juniper CWE-200
5.5
2023-10-11 CVE-2023-44097 Information Exposure vulnerability in Huawei Emui and Harmonyos
Vulnerability of the permission to access device SNs being improperly managed.Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-200
7.5
2023-10-10 CVE-2023-42475 Information Exposure vulnerability in SAP S/4Hana
The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality.
network
low complexity
sap CWE-200
4.3