
7 matches found

Github Security Blog
added 2026/03/16 6:44 p.m. · 10 views

Azure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerability

Unauthenticated users can view a list of buckets the plugin has access to. The DefaultController-actionLoadContainerData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Because Azure can return sensitive data in error...

CVSS 8.7 · AI score 5.8 · EPSS 0.00348
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2026/03/16 12:0 a.m. · 4 views

PT-2026-25818

The Azure Blob Storage for Craft CMS plugin provides an Azure Blob Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.1.1, unauthenticated users can view a list of buckets the plugin has access to. The DefaultController-actionLoadContainerData endpoint allows...

CVSS 8.7 · AI score 5.8 · EPSS 0.00348
Exploits 0 · References 8
OSV
added 2024/02/02 12:15 a.m. · 1 views

CVE-2024-21866

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request...

CVSS 5.3 · AI score 5.8 · EPSS 0.0041
Exploits 0 · References 2
BDU FSTEC
added 2023/09/07 12:0 a.m. · 3 views

The vulnerability of the XWiki platform, which involves exposing information in the wrong data area, allows a hacker to obtain the email addresses of all users.

The vulnerability of the XWiki Platform lies in the exposure of information in the error data area. Exploiting this vulnerability could allow a malicious actor to obtain the email addresses of all users...

CVSS 7.8 · AI score 7.2 · EPSS 0.00961
Exploits 1 · References 5 · Affected Software 1
Positive Technologies
added 2023/07/27 12:0 a.m. · 5 views

PT-2023-8490 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.5-milestone-1 through 14.10.8 XWiki Platform versions 15.3-rc-1 and earlier Description: The issue is related to the disclosure of information in the error data area of the XWiki Platform, specifically in the...

CVSS 4.3 · AI score 4.5 · EPSS 0.00661
Exploits 1 · References 11
Positive Technologies
added 2020/08/25 12:0 a.m. · 4 views

PT-2021-6507 · Saltstack +2 · Saltstack Salt +2

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3003.3 Description: The issue is related to information disclosure in the error data area of the Salt configuration management and remote execution system. Exploitation of this issue allows a remote attacker t...

CVSS 9.8 · AI score 7.5 · EPSS 0.99585
Exploits 16 · References 167
CNVD
added 2017/02/08 12:0 a.m. · 2 views

IBM Security Access Manager Information Disclosure Vulnerability (CNVD-2017-01305)

IBM Security Access Manager is a security access manager from IBM USA. A security vulnerability exists in IBM Security Access Manager. An attacker could exploit the vulnerability by sending a specially crafted HTTP request to obtain sensitive information from an error message...

CVSS 4 · AI score 6.3 · EPSS 0.01033
Exploits 0 · References 1