463 matches found
EUVD-2022-5632
Malicious code in bioql PyPI...
EUVD-2021-31561
Malicious code in bioql PyPI...
EUVD-2022-1216
Malicious code in bioql PyPI...
CVE-2025-36162
IBM DevOps Deploy / IBM UrbanCode Deploy UCD 8.1 before 8.1.2.2 could allow an authenticated user to obtain sensitive information about configuration on the system...
CVE-2025-20270
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...
CVE-2025-36162 IBM DevOps Deploy / IBM UrbanCode Deploy information disclosure
IBM DevOps Deploy / IBM UrbanCode Deploy UCD 8.1 before 8.1.2.2 could allow an authenticated user to obtain sensitive information about configuration on the system...
PT-2025-35184
Name of the Vulnerable Software and Affected Versions: iND Co.,Ltd products affected versions not specified Description: Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information issue. Exploitation may lead to the disclosure of configuration information, such...
Information Disclosure Vulnerability in Various ABB Products (CNVD-2025-13423)
ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...
GHSA-JM79-7XHW-6F6F GWC Home Page communicate version and revision information
Summary The GeoWebCache home page includes version and revision information about the software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Details...
CVE-2024-24215
An issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows attackers to leak configuration information via a crafted POST request...
CVE-2023-44318
Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...
CVE-2022-34887
Standard users can directly operate and set printer configuration information , such as IP, in some Lenovo Printers without having to authenticate with the administrator password...
CVE-2021-35070
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-20730
Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors...
CVE-2021-25652
An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities AVPU. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be...
CVE-2021-25244
An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton...
CVE-2013-2744
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function...
CVE-2019-10333
Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances...
CVE-2019-6331
An issue was found in Samsung Mobile Print Android versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information...
CVE-2019-10962
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and...