8 matches found
CVE-2023-50720 XWiki Platform Solr search discloses email addresses of users
XWiki Platform is a generic wiki platform. Prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email using XWiki's...
CVE-2022-0424 Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users...
Like Button Rating < 2.6.38 - Unauthorised Vote Export to Email & IP Addresses Disclosure
The plugin does not have any authorisation and CSRF checks in the likebtnexportvotes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog. fetch"http://example.com/wp-admin/admin-ajax.php",...
The vulnerability of the ipddp_ioctl function in the Linux operating system’s kernel allows a hacker to disclose protected information.
The vulnerability of the ipddpioctl function drivers/net/appletalk/ipddp.c in the Linux kernel is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected kernel address information...
CVE-2018-7273
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...
Memory corruption
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses...
Memory corruption
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses...
CVE-2016-6311
Get requests in JBoss Enterprise Application Platform EAP 7 disclose internal IP addresses to remote attackers...