CWE-200

CVE-2022-27849

February 23, 2023 by godfreyd94

Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115

Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests.

CVE-2022-27875

February 23, 2023 by godfreyd94

On F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVE-2022-27630

February 23, 2023 by godfreyd94

An information disclosure vulnerability exists in the confctl_get_master_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability.

CVE-2022-27633

February 23, 2023 by godfreyd94

An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to information disclosure. An attacker can send packets to trigger this vulnerability.

CVE-2022-27667

February 23, 2023 by godfreyd94

Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) – version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.