CVE-2026-7313

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used connect to Sitefinity Insight service. Successful exploitation requires active integration with...

CVE-2022-20942

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...

Cisco Secure Web Appliance Information Disclosure (cisco-sa-cnt-sec-infodiscl-BVKKnUG)

According to its self-reported version, Cisco Secure Web Appliance is affected by an information disclosure vulnerability that could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak...

Cisco Secure Email and Web Manager Information Disclosure (cisco-sa-cnt-sec-infodiscl-BVKKnUG)

According to its self-reported version, Cisco Secure Email and Web Manager is affected by an information disclosure vulnerability that could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to...

TYPO3 授权问题漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. TYPO3 suffers from an authorization issue vulnerability that stems from never evaluating the expiration time of the password reset link for TYPO3 back-end users...