Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2021-3413 | Information Exposure vulnerability in multiple products A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. | 6.3 |
| 2021-04-08 | CVE-2021-1406 | Information Exposure vulnerability in Cisco Unified Communications Manager A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 4.9 |
| 2021-04-05 | CVE-2021-24170 | Information Exposure vulnerability in Cozmoslabs User Profile Picture The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. | 7.5 |
| 2021-04-05 | CVE-2021-24167 | Information Exposure vulnerability in Web-Stat When visiting a site running Web-Stat < 1.4.0, the "wts_web_stat_load_init" function used the visitor’s browser to send an XMLHttpRequest request to https://wts2.one/ajax.htm?action=lookup_WP_account. | 7.5 |
| 2021-04-02 | CVE-2020-11922 | Information Exposure vulnerability in Wizconnected A60 Colors Firmware 1.14.0 An issue was discovered in WiZ Colors A60 1.14.0. | 4.3 |
| 2021-04-02 | CVE-2021-21400 | Information Exposure vulnerability in Wire Wire-Webapp wire-webapp is an open-source front end for Wire, a secure collaboration platform. | 6.5 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |
| 2021-03-26 | CVE-2021-21396 | Information Exposure vulnerability in Wire Server 20210216/20210225 wire-server is an open-source back end for Wire, a secure collaboration platform. | 6.5 |
| 2021-03-26 | CVE-2021-22172 | Information Exposure vulnerability in Gitlab Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page | 4.3 |
| 2021-03-26 | CVE-2021-23890 | Information Exposure vulnerability in Mcafee Epolicy Orchestrator Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have it managed and then in turn get policy details from the ePO server. | 6.5 |