Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-30993 | Information Exposure vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. | 7.5 |
| 2023-06-27 | CVE-2022-34352 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.5.0 IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. | 6.5 |
| 2023-06-22 | CVE-2023-25499 | Information Exposure vulnerability in Vaadin When adding non-visible components to the UI in server side, content is sent to the browser in Vaadin 10.0.0 through 10.0.22, 11.0.0 through 14.10.0, 15.0.0 through 22.0.28, 23.0.0 through 23.3.12, 24.0.0 through 24.0.5 and 24.1.0.alpha1 to 24.1.0.beta1, resulting in potential information disclosure. | 6.5 |
| 2023-06-22 | CVE-2023-25500 | Information Exposure vulnerability in Vaadin Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests. | 4.3 |
| 2023-06-13 | CVE-2023-27465 | Information Exposure vulnerability in Siemens products A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4). | 4.6 |
| 2023-06-11 | CVE-2023-22586 | Information Exposure vulnerability in Danfoss Ak-Em100 Firmware The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter. | 7.5 |
| 2023-06-11 | CVE-2023-25912 | Information Exposure vulnerability in Danfoss Ak-Em100 Firmware The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values. | 5.3 |
| 2023-06-07 | CVE-2021-4377 | Information Exposure vulnerability in Wobbie Doneren MET Mollie The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks. | 6.5 |
| 2023-05-31 | CVE-2023-33979 | Information Exposure vulnerability in GPT Academic Project GPT Academic gpt_academic provides a graphical interface for ChatGPT/GLM. | 6.5 |
| 2023-05-18 | CVE-2023-29857 | Information Exposure vulnerability in Teslamate Project Teslamate 1.27.1 An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link. | 5.3 |