Lucene search
K

14 matches found

Snyk
Snyk
added 2026/05/19 3:55 p.m.8 views

Insertion of Sensitive Information Into Sent Data

Overview strawberry-graphql is an A library for creating GraphQL APIs Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the graphiql template. An attacker can obtain sensitive HTTP header values by enticing a user to enter confidential...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.7 views

MBS多款产品 安全漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security...

7.5CVSS5.9AI score0.00318EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 7:16 p.m.12 views

CVE-2026-26196

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, gogs api still accepts tokens in url params like token and accesstoken, which can leak through logs, browser history, and referrers. This issue has been patched in version 0.14.2...

6.9CVSS0.00254EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/19 1:58 p.m.4 views

CVE-2025-67857

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure...

6.3AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2025/03/05 6:15 a.m.5 views

CVE-2025-27662

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Password in URL OVE-20230524-0005...

9.8CVSS5.8AI score0.0057EPSS
Exploits0References1
OSV
OSV
added 2023/06/15 10:15 p.m.2 views

CVE-2023-23841

SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.3 views

PT-2023-19247 · Solarwinds · Solarwinds Serv-U

Name of the Vulnerable Software and Affected Versions: SolarWinds Serv-U affected versions not specified Description: The issue concerns SolarWinds Serv-U submitting an HTTP request when changing or updating attributes for File Share or File request, where part of the URL of the request discloses...

7.5CVSS7.4AI score0.00455EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/08/29 3:15 p.m.4 views

CVE-2022-36200

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

7.5CVSS7.1AI score0.01895EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/12/09 12:43 p.m.5 views

Mozilla: URL leakage when navigating while executing asynchronous function

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

6.5CVSS7.4AI score0.0167EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/15 12:0 a.m.7 views

PT-2021-8816 · Mitsubishi · Smartrtu

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. SmartRTU devices affected versions not specified Description: The issue allows remote attackers to obtain sensitive information, including directory listings and source code, by making a direct request to the...

7.5CVSS6.9AI score0.19612EPSS
Exploits4References6
OSV
OSV
added 2018/06/07 2:29 a.m.1 views

CVE-2017-16122

cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS5.8AI score0.02005EPSS
Exploits1References2
CNVD
CNVD
added 2018/04/09 12:0 a.m.3 views

Unspecified Vulnerability in McAfee Network Security Management

McAfee Network Security Management NSM is a suite of network security solutions from McAfee that enables real-time monitoring of deployed McAfee intrusion prevention systems across the network. A security vulnerability exists in the Web interface in McAfee NSM that originates from a program passi...

6.5CVSS6.9AI score0.00685EPSS
Exploits0References1
OSV
OSV
added 2018/02/21 12:29 a.m.4 views

CVE-2018-7272

The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows attackers to obtain sensitive information by finding an ID value in a log file...

6.5CVSS5.8AI score0.00878EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/04/20 12:0 a.m.5 views

The vulnerability of the Mac OS X operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the iBooks component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to obtain confidential information through a URL in the iBooks file...

4.3CVSS5.8AI score0.01226EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder