Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-1400 | Information Exposure vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. | 5.5 |
| 2019-12-10 | CVE-2019-13744 | Information Exposure vulnerability in multiple products Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2019-12-10 | CVE-2019-13737 | Information Exposure vulnerability in multiple products Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2019-12-09 | CVE-2014-0242 | Information Exposure vulnerability in Modwsgi MOD Wsgi mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread. | 7.5 |
| 2019-12-06 | CVE-2019-19627 | Information Exposure vulnerability in ROS Sros2 0.8.1 SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. | 5.3 |
| 2019-12-06 | CVE-2019-19625 | Information Exposure vulnerability in ROS Sros2 0.8.1 SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document. | 5.3 |
| 2019-12-05 | CVE-2012-1105 | Information Exposure vulnerability in multiple products An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. | 5.5 |
| 2019-12-05 | CVE-2019-19007 | Information Exposure vulnerability in Intelbras IWR 3000N Firmware 1.8.7 Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. | 7.2 |
| 2019-11-29 | CVE-2014-3591 | Information Exposure vulnerability in multiple products Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. | 4.2 |
| 2019-11-27 | CVE-2019-18660 | Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. | 4.7 |