CVE-2019-25228

Kentico Xperience contains an information-disclosure vulnerability where virtual context URLs can be leaked to external domains via the HTTP Referer header during page-builder interactions and loading of links/images. Affected is Kentico Xperience (per CVE-2019-25228 and related records) with ref...

CVE-2023-4616

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

OESA-2022-1864 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Non-transparent sharing of return predictor targets between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access.CVE-2022-26373 A use-after-free flaw was...

GE MDS PulseNET XmlAdapterServlet XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XmlAdapterServlet servlet. Due to the improper restriction of XML External...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within heapdumps.jsp. The issue results from the lack of proper validation...