EUVD-2026-33921

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

OpenClaw Information Disclosure Vulnerability (CNVD-2026-14389)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has an information disclosure vulnerability, the vulnerability stems from the component File Existence Handler's function tools.exec.safeBins for the protection of sensitive information is insufficient, an attacker can...

CVE-2025-15567

Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...

GHSA-QHP6-6P8P-2RQH Wildfly Elytron integration susceptible to brute force attacks via CLI

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. Patches The default behaviour has been changed in...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of Adobe Experience Manager’s content and media data management system lies in the insufficient protection of website structures, which allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

Cisco IOS XE 跨站请求伪造漏洞

Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A cross-site request forgery vulnerability exists in Cisco IOS XE that stems from...

CVE-2024-56181

A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC IPC PX-32A All versions V29.01.07, SIMATIC I...

The vulnerability of the software products of the LLC “NPO ‘MIR’, related to the use of weak protection for database data, allows attackers to disclose the protected information.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the use of weak protection for database credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose the protected information...

The vulnerability of the gpiolib component in the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the gpiolib component in the Linux operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow unauthorized access to protected information...

The vulnerability of the dpaa2-switch component in the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the dpaa2-switch component in the Linux operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow unauthorized access to protected information...

ABB FLXeon 日志信息泄露漏洞

The ABB FLXeon is a series of controllers from ABB Switzerland. ABB FLXeon version 9.3.4 and prior versions suffer from a log information disclosure vulnerability that stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to obtain sensiti...

The vulnerability of the View Password module in Drupal CMS systems, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the View Password module in the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

PT-2025-1215 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: The issue is related to insufficient protection of system data in the BitLocker component of the Windows operating system. Exploitation of this issue may allow an attacker to...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from insufficient protection of sensitive data. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient protection of sensitive data when attachments that are not images are added, due to the lack of authentication procedures. Exploiting this vulnerability can allow...

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...