Lucene search
K

29 matches found

Cvelist
Cvelist
added 2026/05/12 7:19 p.m.49 views

CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface

A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system...

4.9CVSS0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 3:4 a.m.2 views

CVE-2026-24322 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

7.7CVSS5.4AI score0.00209EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.10 views

CVE-2018-1000827

Ubilling version = 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution...

9.8CVSS7.7AI score0.03604EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.5 views

CVE-2018-1000837

UML Designer version = 8.0.0 contains a XML External Entity XXE vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious plugins.xml file...

10CVSS7AI score0.01799EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0819

Malware in sbrugna...

10CVSS9AI score0.01873EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2021

Malware in sbrugna...

9CVSS9.2AI score0.01335EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-2025

Malware in sbrugna...

9.8CVSS9.3AI score0.03232EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-2027

Malware in sbrugna...

10CVSS8.7AI score0.01799EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/29 12:0 a.m.9 views

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) JetBrains TeamCity, related to the storage of information in an open manner, allows a hacker to expose confidential information.

The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the storage of information in an open manner. Exploiting this vulnerability can allow attackers to disclose confidential information...

5.5CVSS5.4AI score0.00249EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 1:13 p.m.8 views

CVE-2018-1000822

codelibs fess version before commit faa265b contains a XML External Entity XXE vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via specially crafted GSA XML files. This...

10CVSS7AI score0.01937EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:14 a.m.7 views

CVE-2018-1000834

runelite version = runelite-parent-1.4.23 contains a XML External Entity XXE vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning...

9CVSS7AI score0.01374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:56 a.m.12 views

CVE-2018-1000651

Stroom version 5.4.5 contains a XML External Entity XXE vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file...

10CVSS6.9AI score0.01855EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/03 12:0 a.m.6 views

The vulnerability of the mod_css_styles function in the Cascading Style Sheet Handler component of the RoundCube email client allows a hacker to disclose confidential information.

The vulnerability of the modcssstyles function in the Cascading Style Sheet Handler component of the RoundCube email client is related to insufficient filtering of the sequence of tokens in CSS styles displayed in email messages. Exploiting this vulnerability could allow an attacker to disclose...

7.8CVSS5.8AI score0.5281EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.6 views

The vulnerability of the GLPI system for handling requests and incidents, related to the disclosure of confidential information to unauthorized individuals, allows a violator to disclose confidential data.

The vulnerability of the GLPI system for handling requests and incidents involves the disclosure of confidential information to unauthorized individuals. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose confidential data...

5.3CVSS6.8AI score0.00685EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.10 views

The vulnerability of the tls_new_ciphertext() function in the src/net/tls.c file of the iPXE network loading standard’s Preboot Execution Environment implementation, which allows a hacker to disclose confidential information

The vulnerability of the tlsnewciphertext function in the src/net/tls.c file of the iPXE network loading standard implementation allows for unauthorized access. Exploiting this vulnerability could enable a malicious actor to disclose confidential information by manipulating the padlen argument...

4.3CVSS5.4AI score0.00481EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.9 views

The vulnerability of the Ghost content management system, related to inconsistencies in responses to incoming requests, allows a hacker to disclose confidential information.

The vulnerability of the Ghost content management system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted HTTP request...

5.3CVSS6.2AI score0.20196EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2023/02/01 5:15 a.m.22 views

CVE-2022-34458

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the...

6.6CVSS6.3AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 4:34 a.m.25 views

CVE-2022-34458

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the...

6.6CVSS6.5AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/14 9:22 a.m.25 views

CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...

7.4AI score0.00953EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/10/20 1:27 p.m.100 views

Researchers Break Intel SGX With New 'SmashEx' CPU Attack Technique

A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability CVE-2021-0186, CVSS score: 8.2 was discovered by a group of academics from...

8.2CVSS0.2AI score0.00787EPSS
Exploits0
Rows per page
Query Builder