Vulnerabilities > Improper Cross-boundary Removal of Sensitive Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-10 | CVE-2021-0340 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Google Android 10.0 In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. | 9.3 |
2021-01-13 | CVE-2021-3031 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Paloaltonetworks Pan-Os Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. | 4.3 |
2020-12-09 | CVE-2020-26965 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. | 4.3 |
2020-11-12 | CVE-2020-8696 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-10-05 | CVE-2020-25635 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Redhat Ansible 2.10.1 A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. | 5.5 |
2020-09-23 | CVE-2020-14370 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. | 5.3 |
2020-09-02 | CVE-2020-15094 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. | 8.8 |
2020-08-11 | CVE-2020-13179 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Teradici Graphics Agent and Pcoip Standard Agent Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure. | 2.1 |
2020-04-14 | CVE-2020-11740 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. | 5.5 |
2020-04-08 | CVE-2019-20637 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. | 5.0 |