
9 matches found

RedhatCVE
added 2026/06/05 7:51 p.m., 10 views

CVE-2025-31982

HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...

CVSS 6.5 | AI score 5.4 | EPSS 0.00153
Exploits: 0 | References: 1
EUVD
added 2026/05/06 3:32 p.m., 7 views

EUVD-2025-209697

HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...

CVSS 6.5 | AI score 5.8 | EPSS 0.00153
Exploits: 0 | References: 2
NVD
added 2026/05/06 3:16 p.m., 11 views

CVE-2025-31982

HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...

CVSS 6.5 | EPSS 0.00153
Exploits: 0 | References: 1
GithubExploit
added 2022/09/21 10:36 a.m., 225 views

Exploit for Argument Injection in Atlassian Bitbucket

CVE-2022-36804-POC 🕷️ Bitbucket CVE-2022-36804 unauthenticated...

CVSS 8.8 | AI score 9.1 | EPSS 0.99174
Exploits: 24
CNNVD
added 2021/05/26 12:0 a.m., 3 views

HyperKitty information disclosure vulnerability

An information disclosure vulnerability exists in HyperKitty version 1.3.4 and prior versions that stems from when importing archives of private mailing lists that are publicly visible during the import...

CVSS 7.5 | AI score 7.2 | EPSS 0.01846
Exploits: 1 | References: 7
Prion
added 2021/04/01 3:15 a.m., 19 views

Denial of service

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...

CVSS 5 | AI score 5.2 | EPSS 0.0141
Exploits: 0 | References: 1 | Affected Software: 4
NVD
added 2020/03/30 7:15 p.m., 28 views

CVE-2020-7599

All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while running Gradle with the --info log level flag, the Gradle Logger logs an AWS pre-signed URL. If this build log is public...

CVSS 6.5 | AI score 6.4 | EPSS 0.00481
Exploits: 0 | References: 2
ossfuzz
added 2019/03/31 11:14 p.m., 25 views

lzma/7z_fuzzer: Use-of-uninitialized-value in CrcUpdateT8

Detailed report: https://oss-fuzz.com/testcase?key=5695345578737664
Project: lzma
Fuzzer: libFuzzerlzma7zfuzzer
Fuzz target binary: 7zfuzzer
Job Type: libfuzzermsanlzma
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State: CrcUpdateT8 CrcCalc SzArExExtract
Sanitize...

AI score 6.8
Exploits: 0 | Affected Software: 1
Atlassian
added 2018/12/20 1:10 a.m., 31 views

On error at /rest/ stack-trace is publicly visible

Summary: On Confluence server 6.12.2 requesting wrong REST URL /rest/cql/contenttypes?category=test we will see full stack-trace. The same we can see at https://confluence.atlassian.com/rest/cql/contenttypes?category=test On production, a regular user should not see the stack-trace when an err...

AI score 0.3
Exploits: 0