Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2023-11-23 CVE-2023-47668 Information Exposure vulnerability in Liquidweb Restrict Content
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions.
network
low complexity
liquidweb CWE-200
7.5
2023-11-22 CVE-2023-6264 Information Exposure vulnerability in Devolutions Server
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints.
network
low complexity
devolutions CWE-200
5.3
2023-11-10 CVE-2023-45816 Information Exposure vulnerability in Discourse
Discourse is an open source platform for community discussion.
local
low complexity
discourse CWE-200
3.3
2023-11-09 CVE-2023-43791 Information Exposure vulnerability in Humansignal Label Studio
Label Studio is a multi-type data labeling and annotation tool with standardized output format.
network
low complexity
humansignal CWE-200
8.8
2023-10-27 CVE-2022-3611 Information Exposure vulnerability in Lenovo APP Store APP
An information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized access to sensitive user data used by other unrelated applications.
network
low complexity
lenovo CWE-200
7.5
2023-10-20 CVE-2023-4796 Information Exposure vulnerability in Booster for Woocommerce
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode.
network
low complexity
booster CWE-200
4.3
2023-10-20 CVE-2023-5070 Information Exposure vulnerability in Ultimatelysocial Social Media Share Buttons & Social Sharing Icons
The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function.
network
low complexity
ultimatelysocial CWE-200
6.5
2023-10-19 CVE-2023-34437 Information Exposure vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device.
network
low complexity
bakerhughes CWE-200
7.5
2023-10-18 CVE-2023-45912 Information Exposure vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.
network
low complexity
wipotec CWE-200
7.5
2023-10-17 CVE-2023-45803 Information Exposure vulnerability in multiple products
urllib3 is a user-friendly HTTP client library for Python.
high complexity
python fedoraproject CWE-200
4.2