CVE-2026-32142

Shopware is an open commerce platform. /api/info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15...

CVE-2025-20377

CVE-2025-20377 affects Cisco Unified Intelligence Center API subsystem. Improper validation of API requests allows an authenticated, remote attacker with valid credentials (low-privilege) to view sensitive information that should be restricted. The issue is an information-disclosure problem over ...

EUVD-2014-4700

Malware in sbrugna...

EUVD-2022-15783

Malicious code in bioql PyPI...

EUVD-2024-23580

Malicious code in bioql PyPI...

CVE-2024-26310

Archer Platform 6.8 before 6.14 P2 6.14.0.2 contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges...

CVE-2022-41240

Jenkins Walti Plugin 1.0.1 and earlier does not escape the information provided by the Walti API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide malicious API responses from Walti...

CVE-2024-26310

Archer Platform 6.8 before 6.14 P2 6.14.0.2 contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges...

CVE-2023-32550

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API...