CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

212 matches found

Siemens RUGGEDCOM RST2428P Use of Web Browser Cache Containing Sensitive Information (CVE-2026-41918)

The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser. This plugin only works with Tenable.ot. Please visit...

5.9CVSS5.9AI score0.00194EPSS

Exploits0References3

RedhatCVE•added 2026/06/05 7:36 p.m.•6 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.4AI score0.00194EPSS

Exploits0References1

NVD•added 2026/06/02 2:16 p.m.•13 views

CVE-2026-41918

5.9CVSS0.00194EPSS

Exploits0References1

ATTACKERKB•added 2026/06/02 12:6 p.m.•6 views

CVE-2026-41918

5.9CVSS5.7AI score0.00194EPSS

Exploits0References2

Vulnrichment•added 2026/06/02 12:6 p.m.•9 views

CVE-2026-41918

5.9CVSS5.7AI score0.00194EPSS

Exploits0References1

Cvelist•added 2026/06/02 12:6 p.m.•35 views

CVE-2026-41918

5.9CVSS0.00194EPSS

Exploits0References1

CVE•added 2026/06/02 12:6 p.m.•19 views

CVE-2026-41918

The vulnerability CVE-2026-41918 affects RUGGEDCOM RST2428P (6GK6242-6PA00) all versions before V4.0. The issue arises when an authenticated user modifies certain configurations, causing sensitive information to be stored in the browser cache. An authenticated attacker could access this cached da...

5.9CVSS5.7AI score0.00194EPSS

Exploits0References1

EUVD•added 2026/06/02 12:6 p.m.•9 views

EUVD-2026-33914

5.9CVSS5.7AI score0.00194EPSS

Exploits0References1

CNNVD•added 2026/06/02 12:0 a.m.•5 views

Siemens RUGGEDCOM RST2428P 安全漏洞

The Siemens RUGGEDCOM RST2428P is a server communication device produced by the German company Siemens. Versions of Siemens RUGGEDCOM RST2428P prior to 4.0 contained security vulnerabilities. These vulnerabilities stemmed from the practice of storing sensitive information in the browser cache whe...

5.9CVSS5.4AI score0.00194EPSS

Exploits0References1

Snyk•added 2026/04/23 2:36 p.m.•3 views

Use of Web Browser Cache Containing Sensitive Information

Overview @astrojs/node is a Deploy your site to a Node.js server Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information via the serve-static.ts component. An attacker can cause legitimate users to receive persistent error responses for static...

6.9CVSS5.4AI score0.00238EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 9:50 a.m.•7 views

CVE-2020-10096

An issue was discovered in Zammad 3.0 through 3.2. It does not prevent caching of confidential data within browser memory. An attacker who either remotely compromises or obtains physical access to a user's workstation can browse the browser cache contents and obtain sensitive information. The...

7.5CVSS6.2AI score0.01139EPSS

Exploits0References1

Veracode•added 2025/12/13 6:30 a.m.•6 views

Use Of Web Browser Cache Containing Sensitive Information

Drupal core is vulnerable to Use of Web Browser Cache Containing Sensitive Information. The vulnerability is due to improper cache control handling, which allows sensitive information to be stored in browser cache and potentially accessed by unauthorized users...

3.7CVSS5.7AI score0.00243EPSS

Exploits0References7Affected Software1

Veracode•added 2025/12/13 4:32 a.m.•7 views

Improper Cache Control

Liferay Portal is vulnerable to improper cache control. The vulnerability is due to the use of incorrect cache-control headers, which allows an attacker to gain unauthorized access to downloaded files through the browser’s cache...

5.5CVSS5.2AI score0.00112EPSS

Exploits0References6Affected Software2

OSV•added 2025/11/25 5:56 p.m.•3 views

BIT-DRUPAL-2025-13083 Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before...

3.7CVSS6.4AI score0.00243EPSS

Exploits0References2

Github Security Blog•added 2025/11/18 6:32 p.m.•5 views

Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels

3.7CVSS6.5AI score0.00243EPSS

Exploits0References3Affected Software1

OSV•added 2025/11/18 6:32 p.m.•5 views

GHSA-MHPG-HPJ5-73R2 Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels

6.3CVSS6.4AI score0.00243EPSS

Exploits0References3

EUVD•added 2025/11/18 6:32 p.m.•7 views

EUVD-2025-198027

Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels...

3.7CVSS6.4AI score0.00243EPSS

Exploits0References3

NVD•added 2025/11/18 5:15 p.m.•4 views

CVE-2025-13083

3.7CVSS0.00243EPSS

Exploits0References1

OSV•added 2025/11/18 5:15 p.m.•7 views

CVE-2025-13083

3.7CVSS6.4AI score

Exploits0References1

CVE•added 2025/11/18 4:55 p.m.•44 views

CVE-2025-13083

Drupal core contains an information-disclosure vulnerability (CVE-2025-13083) due to caching of browser data and incorrectly configured access control security levels. Affected versions span Drupal 8.0.0 to 10.4.9, 10.5.0 to 10.5.6, 11.0.0 to 11.1.9, and 11.2.0 to 11.2.8. The issue is triggered b...

3.7CVSS6.1AI score0.00243EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by