SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.
Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
Windows Group Policy Security Feature Bypass Vulnerability
Windows Kernel Information Disclosure Vulnerability
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.
Storage Spaces Controller Information Disclosure Vulnerability
Storage Spaces Controller Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Windows Common Log File System Driver Information Disclosure Vulnerability
VP9 Video Extensions Information Disclosure Vulnerability
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Windows Fast FAT File System Driver Information Disclosure Vulnerability
Windows Canonical Display Driver Information Disclosure Vulnerability
Microsoft Excel Information Disclosure Vulnerability
Windows Error Reporting Information Disclosure Vulnerability
FSLogix Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Microsoft Excel Information Disclosure Vulnerability
Windows Bind Filter Driver Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
Windows Storage Information Disclosure Vulnerability
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.
Windows exFAT File System Information Disclosure Vulnerability
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 213962.
Windows Installer Information Disclosure Vulnerability
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
Windows SMB Information Disclosure Vulnerability
Windows Event Tracing Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
ASP.NET Core and Visual Studio Information Disclosure Vulnerability
Windows GDI Information Disclosure Vulnerability
GDI+ Information Disclosure Vulnerability
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862.
Windows Authentication Information Disclosure Vulnerability
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
Windows Package Library Manager Information Disclosure Vulnerability
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files.