CVE-2025-20954

Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability...

Buffer Over-read

stringio is vulnerable to Buffer over-read. The vulnerability is due to improper bounds checking in the ungetbyte and ungetc methods, It allows an attacker to potentially access uninitialized or freed memory content, leading to the exposure of sensitive data...

Memory Search

This module allows for searching the memory space of running processes for potentially sensitive data such as passwords. Module Options msf use post/multi/gather/memorysearch msf postmemorysearch show actions ...actions... msf postmemorysearch set ACTION msf postmemorysearch show options ...show...

CVE-2022-38817

Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Dec 2020)

This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

GHSA-277V-GWFR-HMPJ Missing Authentication for Critical Function in LibreNMS

An issue was discovered in LibreNMS through 1.47. A number of scripts import the Authentication libraries, but do not enforce an actual authentication check. Several of these scripts disclose information or expose functions that are of a sensitive nature and are not expected to be publicly...