Vulnerabilities > Information Exposure

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2023-10-10 | CVE-2023-42475 | Information Exposure vulnerability in SAP S/4Hana | The Statutory Reporting application has a vulnerable file storage location, potentially enabling a low-privileged attacker to read server files with minimal impact on confidentiality. | network; low complexity; sap; CWE-200; 4.3 |
| 2023-10-04 | CVE-2023-43804 | Information Exposure vulnerability in multiple products | urllib3 is a user-friendly HTTP client library for Python. | network; low complexity; python debian fedoraproject; CWE-200; 8.1 |
| 2023-09-18 | CVE-2023-42454 | Information Exposure vulnerability in Lovasoa Sqlpage | SQLpage is a SQL-only webapp builder. | network; low complexity; lovasoa; CWE-200; critical; 9.1 |
| 2023-09-15 | CVE-2023-36472 | Information Exposure vulnerability in Strapi | Strapi is an open-source headless content management system. | network; low complexity; strapi; CWE-200; 5.7 |
| 2023-09-13 | CVE-2021-44172 | Information Exposure vulnerability in Fortinet Forticlient Endpoint Management Server | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path. | network; low complexity; fortinet; CWE-200; 5.3 |
| 2023-09-12 | CVE-2023-40712 | Information Exposure vulnerability in Apache Airflow | Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI. Users are strongly advised to upgrade to version 2.7.1 or later which has removed the vulnerability. | network; low complexity; apache; CWE-200; 6.5 |
| 2023-09-12 | CVE-2023-40622 | Information Exposure vulnerability in SAP Businessobjects Business Intelligence 420/430 | SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain conditions, allows an authenticated attacker to view sensitive information which is otherwise restricted. | network; low complexity; sap; CWE-200; critical; 9.9 |
| 2023-09-06 | CVE-2023-41050 | Information Exposure vulnerability in Zope Accesscontrol | AccessControl provides a general security framework for use in Zope. | network; low complexity; zope; CWE-200; 7.7 |
| 2023-09-05 | CVE-2023-32271 | Information Exposure vulnerability in Openautomationsoftware OAS Platform 18.00.0072 | An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. | network; low complexity; openautomationsoftware; CWE-200; 6.5 |
| 2023-09-01 | CVE-2023-4714 | Information Exposure vulnerability in Playtube 3.0.1 | A vulnerability was found in PlayTube 3.0.1 and classified as problematic. | network; low complexity; playtube; CWE-200; 7.5 |