Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-4796 | Information Exposure vulnerability in Booster for Woocommerce The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. | 4.3 |
| 2023-10-20 | CVE-2023-5070 | Information Exposure vulnerability in Ultimatelysocial Social Media Share Buttons & Social Sharing Icons The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function. | 6.5 |
| 2023-10-18 | CVE-2023-45912 | Information Exposure vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723 WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings. | 7.5 |
| 2023-10-17 | CVE-2023-45803 | Information Exposure vulnerability in multiple products urllib3 is a user-friendly HTTP client library for Python. | 4.2 |
| 2023-10-17 | CVE-2023-41752 | Information Exposure vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue. | 7.5 |
| 2023-10-14 | CVE-2023-5579 | Information Exposure vulnerability in Yzh66 Sandbox 6.1.0 A vulnerability was found in yhz66 Sandbox 6.1.0. | 6.5 |
| 2023-10-14 | CVE-2023-42780 | Information Exposure vulnerability in Apache Airflow Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. | 6.5 |
| 2023-10-13 | CVE-2023-39999 | Information Exposure vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38. | 4.3 |
| 2023-10-12 | CVE-2023-45143 | Information Exposure vulnerability in multiple products Undici is an HTTP/1.1 client written from scratch for Node.js. | 3.5 |
| 2023-10-11 | CVE-2023-44187 | Information Exposure vulnerability in Juniper Junos OS Evolved An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. | 5.5 |