39 matches found
Spring MVC Framework - Local File Inclusion
Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources e.g. CSS, JS, images. A malicious user can send a request using a...
CVE-2020-10080
GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possible for certain non-members to access the Contribution Analytics page of a private group...
CVE-2023-25529
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information...
EUVD-2020-4628
Malware in sbrugna...
EUVD-2019-5714
Malware in sbrugna...
EUVD-2019-18640
Malware in sbrugna...
EUVD-2019-18704
Malware in sbrugna...
EUVD-2023-36533
Malicious code in bioql PyPI...
EUVD-2021-2790
Malicious code in bioql PyPI...
EUVD-2022-34420
Malicious code in bioql PyPI...
EUVD-2023-23980
Malicious code in bioql PyPI...
CVE-2025-42935
The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager ICM permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the...
CVE-2025-46788
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access...
CVE-2025-48823
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network...
PT-2025-29109 · Zoom Video Communications · Zoom Client
Name of the Vulnerable Software and Affected Versions: Zoom Clients versions prior to 6.4.5 Description: Cross-site scripting may allow an authenticated user to conduct a disclosure of information via network access. Recommendations: Update Zoom Clients to version 6.4.5 or later...
CVE-2025-23252
CVE-2025-23252 affects NVIDIA NVDebug tool. The vulnerability could allow an attacker to access restricted components and cause information disclosure. Affected products include the NVDebug tool on x86_64/arm64-SBSA systems with versions prior to the patched updates. NVIDIA PSIRT notes a separate...
CVE-2021-1111
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...
CVE-2020-8604
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations...
CVE-2019-17143
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2017-20101
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...