291 matches found
PT-2025-48275
Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/channel id/common teams endpoint...
PT-2025-47619
Insecure design policies in the user management system of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to have access to the contact name and email address of other users on the system...
GHSA-CW79-FQ4F-9R96 Liferay Portal Vulnerable to Information Exposure Through a Log File Vulnerability in LDAP Import Feature
Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...
EUVD-2025-34762
An Exposure of Private Personal Information 'Privacy Violation' vulnerability CWE-359 in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and...
CVE-2025-53950
Fortinet FortiDLP Agent’s Outlookproxy plugin for macOS and Windows is affected by CVE-2025-53950. The vulnerability allows an authenticated administrator to collect the current user’s email information across listed FortiDLP Agent versions (MacOS and Windows builds including 11.5.1, 11.4.2–11.4....
CVE-2025-62362 Name and e-mail of employee that has done a publication is discoverable in gpp-burgerportaal
gpp-burgerportaal is a Dutch government citizen portal application. In versions before 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered by viewing the browser's developer tools network tab. This information...
CVE-2025-62292
In SonarQube, versions before 25.6 (including 2025.3 Commercial and 2025.1.3 LTA) allow authenticated low-privilege users to query /api/v2/users-management/users and obtain administrator-only fields, notably email addresses of other accounts. This is the underlying vulnerability described across ...
Mars: Sensitive information exposed at [███] via /export_panelists_to_xlsx endpoint
A vulnerability was identified that allowed unauthorized access to personally identifiable information through an unprotected API endpoint. The vulnerability exposed user email addresses and telephone numbers. The issue was classified under CWE-312 with a CVSS score of 6.1. The vulnerability was...
CVE-2025-11443 JhumanJ OpnForm Forgotten Password email information exposure
A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack remotely. The attac...
EUVD-2021-1471
Malware in sbrugna...
EUVD-2016-9946
Malware in sbrugna...
EUVD-2019-17989
Malware in sbrugna...
EUVD-2018-12723
Malware in sbrugna...
EUVD-2011-4228
Malware in sbrugna...
EUVD-2018-13019
Malware in sbrugna...
EUVD-2006-0122
Malware in sbrugna...
EUVD-2004-2218
Malware in sbrugna...
EUVD-2021-26267
Malware in sbrugna...
EUVD-2011-4685
Malware in sbrugna...
EUVD-2018-12720
Malware in sbrugna...