332 matches found
CVE-2024-39729
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968...
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
CVE-2024-1272
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data. This issue affects Cockpit Software: before v0.251.1...
CVE-2024-32042
The key used to encrypt passwords stored in the database can be found in the CyberPower PowerPanel application code, allowing the passwords to be recovered...
PT-2024-5328 · Dell · Dell Edge Gateway Bios
Name of the Vulnerable Software and Affected Versions: Dell Edge Gateway BIOS versions 3200 and 5200
Description: The issue is related to an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to exposu...
The vulnerability of the /login.php component of the user registration and login system, PHP-MYSQL-User-Login-System, allows a hacker to disclose protected information.
The vulnerability of the /login.php component of the PHP-MYSQL-User-Login-System registration and login system is related to the disclosure of information through the source code. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
PT-2024-1434 · Unknown · Machinesense +3
Name of the Vulnerable Software and Affected Versions: MachineSense (affected versions not specified); FeverWarn ESP32 (affected versions not specified); FeverWarn RaspberryPi (affected versions not specified); FeverWarn DataHub RaspberryPi (affected versions not specified)
Description: The cloud provider...
The vulnerability of the Sangfor NGAF firewall lies in the lack of protection for service data, allowing attackers to obtain the original PHP code.
The vulnerability of the Sangfor NGAF firewall lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain the original PHP code by sending a specially crafted HTTP request with an invalid Content-Length field...
Code injection
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to...
CVE-2023-3413
CVE-2023-3413 affects GitLab: all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. The vulnerability allows reading the source code of a project through a fork created before changing visibility to only pr...
PT-2023-24693 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 16.2 through 16.2.7; GitLab versions 16.3 through 16.3.4; GitLab versions 16.4 through 16.4.0
Description: An issue has been discovered in GitLab, allowing an attacker to read the source code of a project through a fork created...
CVE-2023-33477
In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...
PT-2023-24352 · Harmonic · Harmonic Nsg 9000-6G
Name of the Vulnerable Software and Affected Versions: Harmonic NSG 9000-6G devices (affected versions not specified)
Description: The issue allows an authenticated remote user to obtain source code by directly requesting a special path.
Recommendations: At the moment, there is no information about...
CVE-2023-23448
Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code...
CVE-2022-48435
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
JetBrains PhpStorm Log Information Disclosure Vulnerability
JetBrains PhpStorm is an application from the Czech company JetBrains. It provides an application for writing code. A log information disclosure vulnerability exists in JetBrains PhpStorm versions prior to 2023.1, which stems from the fact that code can be logged locally in the idea.log file...
PT-2022-6229 · Omron · Omron Cp1L-El20Dr-D
Name of the Vulnerable Software and Affected Versions: OMRON CP1L-EL20DR-D (all versions)
Description: The issue is related to the implementation of the Factory Interface Network Service (FINS) protocol in the OMRON CP1L-EL20DR-D programmable logic controller's firmware, specifically due to...