Vulnerabilities > Improper Cross-boundary Removal of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-19 | CVE-2022-30617 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Strapi An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship (e.g., created by, updated by) with content accessible to the authenticated user. | 8.8 |
| 2022-05-19 | CVE-2022-30618 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Strapi An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API users if content types accessible to the authenticated user contain relationships to API users (from:users-permissions). | 7.5 |
| 2022-05-12 | CVE-2021-33080 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Intel products Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. | 6.8 |
| 2022-05-12 | CVE-2021-33082 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Intel products Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. | 4.6 |
| 2022-03-31 | CVE-2022-24798 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Internet Routing Registry Daemon Project Internet Routing Registry Daemon 4.2.0/4.2.1/4.2.2 Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. | 7.5 |
| 2022-03-11 | CVE-2021-26341 | Improper Cross-boundary Removal of Sensitive Data vulnerability in AMD products Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | 6.5 |
| 2022-03-03 | CVE-2021-3602 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure flaw was found in Buildah, when building containers using chroot isolation. | 5.5 |
| 2022-03-01 | CVE-2022-24719 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Fluture-Node Project Fluture-Node 4.0.0/4.0.1 Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. | 6.1 |
| 2022-02-15 | CVE-2022-25187 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Jenkins Support Core Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. | 6.5 |
| 2022-02-11 | CVE-2022-23633 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Action Pack is a framework for handling and responding to web requests. | 5.9 |