Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2023-10-11 CVE-2023-44187 Information Exposure vulnerability in Juniper Junos OS Evolved
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line.
local
low complexity
juniper CWE-200
5.5
2023-10-11 CVE-2023-44097 Information Exposure vulnerability in Huawei Emui and Harmonyos
Vulnerability of the permission to access device SNs being improperly managed.Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-200
7.5
2023-09-13 CVE-2021-44172 Information Exposure vulnerability in Fortinet Forticlient Endpoint Management Server
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.
network
low complexity
fortinet CWE-200
5.3
2023-06-27 CVE-2023-30993 Information Exposure vulnerability in IBM Cloud PAK for Security
IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account.
network
low complexity
ibm CWE-200
7.5
2023-06-27 CVE-2022-34352 Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.5.0
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains.
network
low complexity
ibm CWE-200
6.5
2023-06-22 CVE-2023-25499 Information Exposure vulnerability in Vaadin
When adding non-visible components to the UI in server side, content is sent to the browser in Vaadin 10.0.0 through 10.0.22, 11.0.0 through 14.10.0, 15.0.0 through 22.0.28, 23.0.0 through 23.3.12, 24.0.0 through 24.0.5 and 24.1.0.alpha1 to 24.1.0.beta1, resulting in potential information disclosure.
network
low complexity
vaadin CWE-200
6.5
2023-06-22 CVE-2023-25500 Information Exposure vulnerability in Vaadin
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.
network
low complexity
vaadin CWE-200
4.3
2023-06-13 CVE-2023-27465 Information Exposure vulnerability in Siemens products
A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4).
low complexity
siemens CWE-200
4.6
2023-06-11 CVE-2023-22586 Information Exposure vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.
network
low complexity
danfoss CWE-200
7.5
2023-06-11 CVE-2023-25912 Information Exposure vulnerability in Danfoss Ak-Em100 Firmware
The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values.
network
low complexity
danfoss CWE-200
5.3