5 matches found
CVE-2026-33461
Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...
EUVD-2020-4433
Malware in sbrugna...
CVE-2021-34771
A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this...
DataTaker DT80 dEX 1.50.012 Sensitive Configuration Exposure Vulnerability
DataTaker DT80 dEX version 1.50.012 suffers from an information disclosure vulnerability. + Title: DataTaker DT80 dEX 1.50.012 - Sensitive Configurations Exposure + Credits / Discovery: Nassim Asrir + Author Contact: email protected || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author...
EmuMail 5.0 - Web Root Full Path Disclosure
EmuMail 5.0 - Web Root Full Path Disclosure source: https://www.securityfocus.com/bid/5823/info Emumail is an open source web mail application. It is available for the Unix, Linux, and Microsoft Windows operating systems. Under some conditions, Emumail may reveal sensitive configuration...