Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-5880 | Information Exposure vulnerability in Google Chrome Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
| 2019-11-25 | CVE-2012-5644 | Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory | 5.5 |
| 2019-11-25 | CVE-2012-5535 | Information Exposure vulnerability in multiple products gnome-system-log polkit policy allows arbitrary files on the system to be read | 7.5 |
| 2019-11-22 | CVE-2019-16285 | Information Exposure vulnerability in HP Thinpro Linux If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. | 4.6 |
| 2019-11-22 | CVE-2012-6079 | Information Exposure vulnerability in Boldgrid W3 Total Cache W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys. | 7.5 |
| 2019-11-22 | CVE-2012-6078 | Information Exposure vulnerability in Boldgrid W3 Total Cache W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes. | 7.5 |
| 2019-11-22 | CVE-2012-6077 | Information Exposure vulnerability in Boldgrid W3 Total Cache W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files. | 7.5 |
| 2019-11-21 | CVE-2013-3314 | Information Exposure vulnerability in Loftek Nexus 543 Firmware The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi. | 7.5 |
| 2019-11-20 | CVE-2019-6852 | Information Exposure vulnerability in Schneider-Electric products A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network. | 7.5 |
| 2019-11-20 | CVE-2015-3167 | Information Exposure vulnerability in multiple products contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. | 7.5 |