Vulnerabilities > Improper Cross-boundary Removal of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-29900 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 6.5 |
| 2022-07-05 | CVE-2022-33740 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-06-30 | CVE-2022-31112 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 8.2 |
| 2022-06-27 | CVE-2022-31090 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Guzzle, an extensible PHP HTTP client. | 7.7 |
| 2022-06-13 | CVE-2021-46813 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Huawei Emui and Magic UI Vulnerability of residual files not being deleted after an update in the ChinaDRM module. | 5.0 |
| 2022-06-10 | CVE-2022-31042 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Guzzle is an open source PHP HTTP client. | 7.5 |
| 2022-06-10 | CVE-2022-31043 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Guzzle is an open source PHP HTTP client. | 7.5 |
| 2022-05-31 | CVE-2022-1893 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Trudesk Project Trudesk Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. | 5.3 |
| 2022-05-19 | CVE-2022-30617 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Strapi An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship (e.g., created by, updated by) with content accessible to the authenticated user. | 9.0 |
| 2022-05-19 | CVE-2022-30618 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Strapi An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API users if content types accessible to the authenticated user contain relationships to API users (from:users-permissions). | 6.0 |