Lucene search
K

37 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

TYPO3 CMS 路径遍历漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Versions 11.0.0 to 11.5.50, 12.0.0 to 12.4.45, 13.0.0 to 13.4.30, and 14.0.0 to 14.3.2 of TYPO3 CMS contain a path traversal vulnerability. This vulnerability arises from backend users with file download...

7.1CVSS5.2AI score0.00313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 p.m.15 views

CVE-2026-5515

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 1:42 p.m.9 views

EUVD-2019-20155

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/26 12:55 p.m.11 views

Apache Tomcat: Apache Tomcat: Information disclosure via sensitive data in log files

A flaw was found in Apache Tomcat. The cloud membership for clustering component was vulnerable to the insertion of sensitive information into log files. This vulnerability could lead to the exposure of the Kubernetes bearer token, which is a credential used for authentication within a Kubernetes...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.5 views

IBM InfoSphere Information Server 日志信息泄露漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...

5.3CVSS5.7AI score0.0019EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 3:30 a.m.21 views

CVE-2025-11891

CVE-2025-11891 : Shelf Planner (WordPress) up to version 2.7.0 exposes log files publicly, enabling unauthenticated access to sensitive information. Several connected sources (Wordfence, Patchstack, PT Security, CVE listings) corroborate the flaw and patch status. Patch available: Shelf Planner s...

5.3CVSS5.9AI score0.00277EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

WordPress plugin Shelf Planner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.5AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/31 12:30 p.m.6 views

EUVD-2025-37343

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...

4.5CVSS5.7AI score0.00437EPSS
Exploits0References2
NVD
NVD
added 2025/10/31 11:15 a.m.8 views

CVE-2025-40603

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...

4.5CVSS0.00437EPSS
Exploits0References1
CVE
CVE
added 2025/10/31 11:1 a.m.13 views

CVE-2025-40603

SonicWall SMA100 Series appliances (SMA 210, 410, 500v) are affected by CVE-2025-40603. A remote, authenticated administrator may, under certain conditions, view partial user credential data via log files. SonicWall PSIRT provides a fixed-release remediation for SMA100 series; upgrade to the spec...

4.5CVSS5.8AI score0.00437EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/10/15 8:26 a.m.18 views

CVE-2025-10486

The CVE-2025-10486 entry concerns the WordPress Content Writer plugin. Publicly exposed log files allowed unauthenticated attackers to view sensitive information from all versions up to and including 3.6.8. The issue is categorized as unauthenticated information disclosure with a Network attack v...

5.3CVSS5.4AI score0.00296EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-48721

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.0045EPSS
Exploits0References4
CVE
CVE
added 2025/10/01 3:25 a.m.19 views

CVE-2025-10744

The CVE concerns the WordPress plugin File Manager, Code Editor, and Backup by Managefy (versions up to 1.6.1). Publicly exposed log files allow unauthenticated attackers to view sensitive details, including full file paths and backup file locations. Technical details in connected sources confirm...

5.9CVSS5.6AI score0.00356EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/29 1:48 p.m.5 views

CVE-2025-36144

IBM Lakehouse watsonx.data 2.2 stores potentially sensitive information in log files that could be read by a local user...

3.3CVSS6.1AI score0.00116EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/29 12:0 a.m.6 views

IBM Watsonx.data Log Information Disclosure Vulnerability

IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. IBM Watsonx.data suffers from a log information disclosure vulnerability that stems from storing potentially sensitive information in log files, which can be exploited by an attacker to cause it to ...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/27 4:45 a.m.10 views

CVE-2025-9985

The Featured Image from URL FIFU plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

5.3CVSS5.8AI score0.1107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-10212

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the...

9.8CVSS6.2AI score0.019EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-15095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like ://:@::/. The...

4.4CVSS6.8AI score0.00417EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:16 a.m.4 views

CVE-2023-22869

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:48 a.m.5 views

CVE-2023-27256

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

5.8CVSS7.1AI score0.00559EPSS
Exploits0References1
Rows per page
Query Builder