Lucene search
K

81 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:19 a.m.5 views

CVE-2023-51451

Symbolicator is a service used in Sentry. Starting in Symbolicator version 0.3.3 and prior to version 21.12.1, an attacker could make Symbolicator send GET HTTP requests to arbitrary URLs with internal IP addresses by using an invalid protocol. The responses of those requests could be exposed via...

4.3CVSS6.9AI score0.00471EPSS
Exploits0References1
HackRead
HackRead
added 2025/05/07 1:0 p.m.16 views

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

Austin, USA / Texas, 7th May 2025, CyberNewsWire...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.8 views

PT-2025-14050 · Unknown · Wpbean Our Team Members

Name of the Vulnerable Software and Affected Versions: WPBean Our Team Members versions n/a through 2.2 Description: The issue is related to the exposure of sensitive system information to an unauthorized control sphere. This is a problem where sensitive information is made available to...

4.3CVSS9.5AI score0.00343EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/19 12:0 a.m.6 views

The vulnerability of Broadcom P225p NetXtreme-E Dual-port 10Gb/25Gb Ethernet PCIe Adapter and Broadcom NetXtreme-E family Ethernet controllers is related to access control bugs, allowing attackers to gain access to protected information.

The vulnerability of the Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapter and Broadcom NetXtreme-E family Ethernet controllers is related to access control bugs. Exploiting this vulnerability can allow attackers to gain access to protected information...

3.2CVSS5.5AI score
Exploits0References3Affected Software2
HackRead
HackRead
added 2025/02/05 4:9 p.m.9 views

Banking Malware Uses Live Numbers to Hijack OTPs, Targeting 50,000 Victims

A banking malware campaign using live phone numbers to redirect SMS messages has been identified by the zLabs research team, uncovering 1,000+ malicious apps and 2.5GB of exposed data...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 3:48 p.m.9 views

CVE-2020-14496

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information ...

9.8CVSS6.9AI score0.00827EPSS
Exploits0
OSV
OSV
added 2024/12/05 1:15 p.m.4 views

CVE-2024-48846

Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.3CVSS5.8AI score0.00656EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.5 views

PT-2024-9197 · Abb · Abb Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ABB ASPECT Enterprise version 3.08.02 ABB NEXUS Series version 3.08.02 ABB MATRIX Series version 3.08.02 Description: The issue is related to the use of files and directories that are accessible to external parties, potentially allowing a...

8.8CVSS7.3AI score0.00335EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/11/22 7:58 p.m.13 views

CVE-2024-53253 Sentry's improper error handling leaks Application Integration Client Secret

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...

5.3CVSS6.9AI score0.00628EPSS
Exploits0References3
HackRead
HackRead
added 2024/11/20 6:42 p.m.9 views

US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data

Forces Penpals, a social network for US and UK military personnel, exposed the sensitive data of 1.1M users,…...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/09/18 3:31 p.m.12 views

Server Misconfiguration at Fuel Industry Software Provider Exposes SSNs, PII Data

A server misconfiguration exposed a trove of documents belonging to FleetPanda, a leading petroleum and fuel industry software…...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.8 views

The vulnerability of the IBM i operating system, related to the exposure of protected information, allows attackers to enhance their privileges.

The vulnerability of the IBM i operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.4CVSS5.5AI score0.00155EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.3 views

PT-2024-5575 · Pimcore · Pimcore Admin Classic Bundle

Name of the Vulnerable Software and Affected Versions: Pimcore Admin Classic Bundle versions prior to 1.3.10 Pimcore Admin Classic Bundle versions prior to 1.4.6 Pimcore Admin Classic Bundle versions prior to 1.5.2 Description: Navigating to "/admin/index/statistics" with a logged in Pimcore user...

6.5CVSS6.5AI score0.00483EPSS
Exploits1References15
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.3 views

WordPress plugin Otter Blocks PRO security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.5AI score0.00345EPSS
Exploits0References2
HackRead
HackRead
added 2024/05/31 11:49 a.m.14 views

Data Leak Exposes Business Leaders and Top Celebrity Data

A data leak incident involving Clarity.fm left the personal data of business leaders and celebrities exposed to public…...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/15 8:30 p.m.12 views

Notorious data leak site BreachForums seized by law enforcement

BreachForums—probably the largest dark web marketplace for stolen data to be leaked and sold—has been seized by law enforcement. Now, both the regular and the TOR domain of BreachForums are plastered with a message telling visitors the site is now under control of the FBI. The FBI said BreachForu...

7AI score
Exploits0
OSV
OSV
added 2024/01/11 3:15 a.m.3 views

CVE-2023-38267

IBM Security Access Manager Appliance IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 260584...

5.5CVSS5.8AI score0.00148EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.8 views

PT-2023-15420 · Unknown · Popup Maker

Name of the Vulnerable Software and Affected Versions: Popup Maker – Popup for opt-ins, lead gen, & more versions 1.17.1 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This can potentially lead to unauthorized access to confidentia...

7.5CVSS7.4AI score0.00612EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2023/11/17 6:15 p.m.4 views

CVE-2023-48185

Directory Traversal vulnerability in TerraMaster v.s1.0 through v.2.295 allows a remote attacker to obtain sensitive information via a crafted GET request...

7.5CVSS5.8AI score0.01338EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/18 12:0 a.m.21 views

QNAP QTS / QuTS hero Path Traversal (QSA-23-42)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-23-42 advisory. A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the...

7.5CVSS7.3AI score0.0061EPSS
Exploits0References2
Rows per page
Query Builder