Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-9849 | Information Exposure vulnerability in Apple products An information disclosure issue was addressed with improved state management. | 6.5 |
| 2020-12-03 | CVE-2020-17527 | Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. | 7.5 |
| 2020-12-03 | CVE-2020-5676 | Information Exposure vulnerability in Weseek Growi GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. | 7.5 |
| 2020-11-26 | CVE-2020-29043 | Information Exposure vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. | 7.5 |
| 2020-11-24 | CVE-2020-28333 | Information Exposure vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices allow Authentication Bypass. | 9.8 |
| 2020-11-19 | CVE-2020-7568 | Information Exposure vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller. | 4.3 |
| 2020-11-19 | CVE-2020-12496 | Information Exposure vulnerability in Endress products Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. | 6.5 |
| 2020-11-19 | CVE-2020-25703 | Information Exposure vulnerability in multiple products The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. | 5.3 |
| 2020-11-18 | CVE-2020-26076 | Information Exposure vulnerability in Cisco IOT Field Network Director A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. | 7.5 |
| 2020-11-17 | CVE-2020-25746 | Information Exposure vulnerability in Resourcexpress Qubi3 Firmware QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker (with physical access to the device) to obtain sensitive information via the debug interface (keystrokes over a USB cable), aka wireless password visibility. | 4.6 |