CWE-668

Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29120, CVE-2022-29122, CVE-2022-29134.

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/.

Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files.

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A malicious maintainer could exfiltrate a GitHub integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.

Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.