Vulnerabilities > Improper Cross-boundary Removal of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2021-39891 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's impersonation of a user are not cleared at the end of impersonation which may lead to unnecessary sensitive info disclosure. | 4.9 |
| 2021-08-23 | CVE-2020-36476 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). | 7.5 |
| 2021-08-13 | CVE-2021-38554 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. | 5.3 |
| 2021-06-11 | CVE-2021-28689 | Improper Cross-boundary Removal of Sensitive Data vulnerability in XEN x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. | 5.5 |
| 2021-06-08 | CVE-2021-32658 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Nextcloud Nextcloud Android is the Android client for the Nextcloud open source home cloud system. | 4.6 |
| 2021-04-23 | CVE-2021-31780 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Misp 2.4.141 In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on an event edit. | 7.5 |
| 2021-02-22 | CVE-2020-11198 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Qualcomm products Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 6.7 |
| 2021-02-10 | CVE-2021-0340 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Google Android 10.0 In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. | 8.8 |
| 2020-12-09 | CVE-2020-26965 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. | 6.5 |
| 2020-11-12 | CVE-2020-8696 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |