Vulnerabilities > Improper Cross-boundary Removal of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-41156 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Hitachienergy Tro610 Firmware, Tro620 Firmware and Tro670 Firmware Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. | 4.3 |
| 2024-10-21 | CVE-2024-49997 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. | 7.5 |
| 2024-09-10 | CVE-2024-7698 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Phoenixcontact products A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks. | 5.7 |
| 2023-12-22 | CVE-2023-48308 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Nextcloud Calendar Nextcloud/Cloud is a calendar app for Nextcloud. | 6.5 |
| 2023-12-18 | CVE-2023-41967 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Gallagher Controller 6000 Firmware Sensitive information uncleared after debug/power state transition in the Controller 6000 could be abused by an attacker with knowledge of the Controller's default diagnostic password and physical access to the Controller to view its configuration through the diagnostic web pages. | 4.6 |
| 2023-05-31 | CVE-2023-3006 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel 6.1 A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. | 5.5 |
| 2023-04-03 | CVE-2023-28834 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 4.3 |
| 2023-03-27 | CVE-2023-1637 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel 5.18 A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. | 5.5 |
| 2023-01-03 | CVE-2022-3460 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Octopus Server In affected versions of Octopus Deploy it is possible for certain types of sensitive variables to inadvertently become unmasked when viewed in variable preview. | 7.5 |
| 2022-12-27 | CVE-2022-4734 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Usememos Memos Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1. | 4.3 |