Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-27 | CVE-2020-4967 | Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. | 4.3 |
| 2021-01-27 | CVE-2020-4815 | Information Exposure vulnerability in IBM Cloud PAK for Security 1.4.0.0 IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system. | 5.3 |
| 2021-01-21 | CVE-2020-3687 | Information Exposure vulnerability in Qualcomm Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue. | 5.5 |
| 2021-01-20 | CVE-2020-19363 | Information Exposure vulnerability in Vtiger CRM 7.2.0 Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories. | 6.5 |
| 2021-01-15 | CVE-2021-0210 | Information Exposure vulnerability in Juniper Junos An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated users session. | 6.8 |
| 2021-01-12 | CVE-2020-4079 | Information Exposure vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 7.7 |
| 2021-01-12 | CVE-2021-21469 | Information Exposure vulnerability in SAP Netweaver Master Data Management 7.10/7.10.750/710 When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. | 7.5 |
| 2021-01-06 | CVE-2020-4336 | Information Exposure vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL parameters. | 5.3 |
| 2021-01-01 | CVE-2020-35934 | Information Exposure vulnerability in Vasyltech Advanced Access Manager The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). | 4.3 |
| 2020-12-28 | CVE-2020-35611 | Information Exposure vulnerability in Joomla Joomla! An issue was discovered in Joomla! 2.5.0 through 3.9.22. | 7.5 |