Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-04 | CVE-2023-25819 | Information Exposure vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.3 |
| 2023-02-27 | CVE-2023-27266 | Information Exposure vulnerability in Mattermost Server Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response. | 2.7 |
| 2023-02-16 | CVE-2023-22580 | Information Exposure vulnerability in Sequelizejs Sequelize Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure. | 7.5 |
| 2023-02-14 | CVE-2023-0020 | Information Exposure vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated attacker to access sensitive information which is otherwise restricted. | 7.1 |
| 2023-02-10 | CVE-2022-46650 | Information Exposure vulnerability in Sierrawireless Aleos Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page. | 4.9 |
| 2023-01-26 | CVE-2023-0321 | Information Exposure vulnerability in Campbellsci products Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. | 9.1 |
| 2023-01-26 | CVE-2023-23613 | Information Exposure vulnerability in Amazon Opensearch OpenSearch is an open source distributed and RESTful search engine. | 6.5 |
| 2023-01-20 | CVE-2022-39193 | Information Exposure vulnerability in Mediawiki 1.39.0/1.39.1 An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. | 5.3 |
| 2023-01-20 | CVE-2022-43959 | Information Exposure vulnerability in Bitrix24 20.0.0/20.0.975/22.0.300 Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php. | 4.9 |
| 2023-01-18 | CVE-2022-45103 | Information Exposure vulnerability in Dell products Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. | 6.5 |