Lucene search
K

62 matches found

EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10448

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS5.8AI score0.00209EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10449

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS5.8AI score0.00209EPSS
Exploits0References3
NVD
NVD
added 2026/03/10 5:35 p.m.4 views

CVE-2026-24313

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS0.00209EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/10 12:17 a.m.28 views

CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS0.00209EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/10 12:17 a.m.4 views

CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS5.8AI score0.00209EPSS
Exploits0References2
CVE
CVE
added 2026/03/07 3:34 p.m.18 views

CVE-2026-29787

Summary of CVE-2026-29787 (mcp-memory-service) : The /api/health/detailed endpoint exposes detailed reconnaissance data (OS version, Python version, CPU, memory, disk usage, and the full database path). This occurs when anonymous access is enabled (MCP_ALLOW_ANONYMOUS_ACCESS=true) and the service...

5.3CVSS5.7AI score0.00369EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/11 7:30 a.m.5 views

CVE-2026-23681

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

4.3CVSS5.5AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 3:0 a.m.3 views

CVE-2026-0486 Missing Authorization Check in ABAP based SAP systems

In ABAP based SAP systems a remote enabled function module does not perform necessary authorization checks for an authenticated user resulting in disclosure of system information.This has low impact on confidentiality. Integrity and availability are not impacted...

5CVSS5.5AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 3:0 a.m.19 views

CVE-2026-0486

In ABAP-based SAP systems, a remote-enabled function module lacks necessary authorization checks for an authenticated user, leading to disclosure of system information. Root cause: missing authorization validation in the module. Impact: confidentiality low; integrity and availability not affected...

5CVSS5.5AI score0.00168EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/11/05 9:27 a.m.5 views

CVE-2025-12192 The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information Exposure

The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 6.15.9. The sysinfo REST endpoint compares the provided key to the stored opt-in key using a loose comparison, allowing unauthenticated attackers to send a boolean value and obtain t...

5.3CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-1214

Malware in sbrugna...

5CVSS6.4AI score0.01627EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-5062

Malware in sbrugna...

7.5CVSS7.3AI score0.0126EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.2 views

Marvell QConvergeConsole 路径遍历漏洞

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the compressDriverFiles method. An attacker could exploit the vulnerability to disclose information in the...

7.5CVSS7.2AI score0.01256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:26 a.m.9 views

CVE-2024-0472

A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public...

7.5CVSS6.5AI score0.00558EPSS
Exploits0References1
Zero Science Lab
Zero Science Lab
added 2025/05/21 12:0 a.m.207 views

ABB Cylon FLXeon 9.3.5 (variant.js) Unauthenticated System Information Disclosure

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

5.9AI score
Exploits0
CVE
CVE
added 2025/04/23 10:43 a.m.49 views

CVE-2025-42604

CVE-2025-42604 affects Meon KYC solutions. The root cause is that debug mode is enabled in certain API endpoints, which an attacker could access to receive unauthorized API responses that disclose detailed system information. The available documents describe the vulnerability as an information di...

6.9CVSS6.4AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/23 12:0 a.m.4 views

Meon KYC 安全漏洞

Meon KYC is a solution from Meon India. A security vulnerability exists in Meon KYC that stems from debug mode being enabled on certain API endpoints, which could lead to the disclosure of system related information...

6.9CVSS6.4AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/10 7:54 p.m.45 views

CVE-2025-27738

Improper access control in Windows Resilient File System ReFS allows an authorized attacker to disclose information over a network...

6.5CVSS6.3AI score0.02848EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/08 5:24 p.m.22 views

CVE-2025-27738 Windows Resilient File System (ReFS) Information Disclosure Vulnerability

...

6.5CVSS0.02848EPSS
Exploits0References1
OSV
OSV
added 2025/01/25 2:15 p.m.3 views

CVE-2023-38714

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system...

7.5CVSS5.7AI score0.00314EPSS
Exploits0References1
Rows per page
Query Builder