694 matches found
MediaWiki 安全漏洞
MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...
CVE-2025-1395
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...
CVE-2026-23564
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...
CVE-2026-23564 Transmission of Unencrypted Data in Content Distribution Service
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...
AZL-75527 CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
MiracleLinux 9 : linux-firmware-20230310-134.el9.ML.1 (AXSA:2023-6270:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6270:05 advisory. This package includes firmware files required for some devices to operate. CVE-2023-20593 An issue in Zen 2 CPUs, under specific microarchitectural...
Odine GateKeeper SQL injection vulnerability
Odine GateKeeper is a voice fraud detection software developed by the Turkish company Odine. Version 1.0 of Odine GateKeeper contains an SQL injection vulnerability. This vulnerability stems from an SQL injection vulnerability in the trafficCycle API endpoint, which may lead to the disclosure of...
CVE-2026-23746
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
CVE-2023-49950
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
CVE-2018-18657
An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue...
WordPress plugin Booking Calendar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2019-7097
Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack...
CVE-2019-7612
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message...
CVE-2023-54163
CVE-2023-54163 affects NLB mKlik Macedonia 3.3.12, where a SQL injection vulnerability exists in the international transfer parameters. The root cause is unsanitized input allowing arbitrary SQL execution, potentially exposing sensitive data from the mobile banking application. The CVSSv3.1 vecto...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Backup ZipSlip. An attacker can create or overwrite files in arbitrary locations within the application's privilege scope by inserting data entries with absolute paths or parent directory traversal sequences...
CVE-2024-38798
EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...
Kalmia 安全漏洞
Kalmia is an open source document content management system from Iridia Solutions Private Limited. A security vulnerability exists in Kalmia version 0.2.0, which stems from insufficient validation of permissions in the /kal-api/auth/users API endpoint, which could lead to the disclosure of...
CVE-2025-58113
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...
CVE-2025-58113
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...
PT-2025-48705
Name of the Vulnerable Software and Affected Versions PDF-XChange Editor version 10.7.3.401 Description An out-of-bounds read issue exists in the EMF functionality. Exploitation involves a specially crafted EMF file. This could allow an attacker to perform an out-of-bounds read, potentially leadi...