40 matches found
CVE-2026-41931
Vvveb before version 1.0.8.2 contains an information disclosure vulnerability that allows unauthenticated attackers to obtain sensitive server information by triggering unhandled exceptions in the password-reset module. Attackers can access the admin password-reset endpoint to trigger a fatal err...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-32211
CVE-2026-32211 describes a missing-authentication vulnerability in Azure MCP Server that allows an unauthorized network attacker to disclose information. The NVD entries corroborate a critical impact (CVSS v3.1: 9.1) with high confidentiality and integrity impact, and network attack vector with n...
Exploit for Path Traversal in Tuzitio Camaleon_Cms
Exploit-for-CVE-2024-46987 Exploit for CVE-2024-46987 usage:...
Security Bulletin: Multiple vulnerabilities found in IBM ApplinX.
Summary IBM ApplinX has been updated in order to address the multiple vulnerabilities CVE-2025-36410, CVE-2025-36409, CVE-2025-36419, CVE-2025-36408, CVE-2025-36418, CVE-2025-36411. Vulnerability Details CVEID:CVE-2025-36410 DESCRIPTION: IBM ApplinX could allow an authenticated user to perform...
CVE-2025-36160
IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response headers that could aid in further attacks against the system...
IBM Concert Security Vulnerability
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform, announced by IBM in May 2024 at the IBM Think conference in Boston, USA. IBM Concert suffers from an information disclosure vulnerability that stems from t...
Windows State Repository API Server File Information Disclosure Vulnerability
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally...
IBM Sterling B2B Integrator and IBM Sterling File Gateway Security Vulnerability
IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines (IBM). IBM Sterling B2B Integrator is a suite of software that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B...
CVE-2025-42935
The CVE-2025-42935 entry concerns SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM). The vulnerability is an information disclosure where authorized users with admin privileges and local access can read sensitive information from log files, impacting con...
CVE-2023-35900
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368...
CVE-2022-33161
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. X-Force ID:...
CVE-2021-23858
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another...
CVE-2024-38118
Microsoft Local Security Authority LSA Server Information Disclosure Vulnerability...
CVE-2024-31844
An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able to craft specific requests in order to make the application generate an error. Inside a...
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability
...
CVE-2023-27630 WordPress Community by PeepSo plugin <= 6.0.9.0 - Server Information Disclosure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo. This issue affects Community by PeepSo: from n/a through 6.0.9.0...
IBM Storage Protect Plus Server Information Disclosure Vulnerability
IBM Storage Protect Plus Server is storage software from International Business Machines (IBM) that provides recovery, replication, retention and reuse for virtual machines, databases, applications, file systems, SaaS workloads and containers. An information disclosure vulnerability exists i...
Code injection
A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...