CVE-2026-2207

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

CVE-2026-2207

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

EUVD-2026-5824

A vulnerability was identified in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. Upgrading to version 8.21 is able to...

PT-2026-6975

Name of the Vulnerable Software and Affected Versions Tenda AC21 version 16.03.08.16 Description A security issue exists in the Tenda AC21. The issue involves information disclosure through manipulation of an unknown function within the /cgi-bin/DownloadFlash file of the Web Management Interface...

SUSE CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2020-37157 DBPower C300 HD Camera - Remote Configuration Disclosure

DBPower C300 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive credentials through an unprotected configuration backup endpoint. Attackers can download the configuration file and extract hardcoded username and password by...

CVE-2026-2055 D-Link DIR-605L/DIR-619L DHCP Client Information information disclosure

A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made...

EUVD-2026-5662

A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made...

CVE-2026-2054

A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the publi...

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2026-0789

ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie in Response Body Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required ...

CVE-2026-1197

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as...

CVE-2026-1194

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was...

CVE-2026-1170

The CVE-2026-1170 affects birkir prime before 0.4.0.beta.0, specifically the GraphQL API’s /graphql processing. Technical details in connected sources show that manipulating the GraphQL file can disclose information remotely. Public exploit activity is indicated, and multiple risk datasets (inclu...

EUVD-2026-3211

A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been...

MiracleLinux 7 : httpd24-httpd-2.4.25-9.el7.1 (AXSA:2017-2226:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2226:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

CVE-2025-36911

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote proximal/adjacent information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003594 advisory. The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, i...

MiracleLinux 7 : libreoffice-5.0.6.2-15.el7 (AXSA:2018-2622:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2622:01 advisory. libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula CVE-2018-6871 Tenable has extracted the preceding description block direct...

CVE-2025-36911

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote proximal/adjacent information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation...