CVSS: 9.9EPSS: 0%CPEs: 7EXPL: 0CVE-2022-28181
https://notcve.org/view.php?id=CVE-2022-28181
17 May 2022 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5353 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28184
https://notcve.org/view.php?id=CVE-2022-28184
17 May 2022 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5353 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23670
https://notcve.org/view.php?id=CVE-2022-23670
16 May 2022 — A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27772 – HCL Sametime is vulnerable to an information disclosure
https://notcve.org/view.php?id=CVE-2021-27772
12 May 2022 — Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users knowledge. Los usuarios pueden leer las conversaciones de grupo sin participar activamente en... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097430 • CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27769 – HCL Sametime is vulnerable to an information disclosure
https://notcve.org/view.php?id=CVE-2021-27769
12 May 2022 — Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible. Un filtrado de información es producido cuando un sitio web revela información que podría ayudar a un atacante a seguir explotando el sistema. Esta información puede ser o no confidencial y n... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097430 • CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 5.5EPSS: 0%CPEs: 71EXPL: 0CVE-2021-26361
https://notcve.org/view.php?id=CVE-2021-26361
12 May 2022 — A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-26020
https://notcve.org/view.php?id=CVE-2022-26020
12 May 2022 — An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1474 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25172
https://notcve.org/view.php?id=CVE-2022-25172
12 May 2022 — An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1470 • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag •
CVSS: 5.5EPSS: 0%CPEs: 346EXPL: 0CVE-2021-0155
https://notcve.org/view.php?id=CVE-2021-0155
12 May 2022 — Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://security.netapp.com/advisory/ntap-20220818-0003 • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 797EXPL: 0CVE-2022-21151
https://notcve.org/view.php?id=CVE-2022-21151
12 May 2022 — Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. • https://security.netapp.com/advisory/ntap-20220826-0003 •