
7 matches found

ATTACKERKB
added 2026/01/15 4:38 p.m. | 2 views

CVE-2026-23493

Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the http_error_log file stores the $_COOKIE and $_SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...

CVSS 8.6 | AI score 5.5 | EPSS 0.00001
Exploits: 0 | References: 6 | Affected Software: 1
Cvelist
added 2026/01/15 4:38 p.m. | 19 views

CVE-2026-23493 Pimcore ENV Variables and Cookie Informations are exposed in http_error_log

Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the http_error_log file stores the $_COOKIE and $_SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...

CVSS 8.6 | EPSS 0.00001
Exploits: 0 | References: 5
Snyk
added 2024/03/01 3:31 p.m. | 1 views

Cross-site Scripting (XSS)

Overview: sidekiq-unique-jobs is a package containing unique jobs that were removed from sidekiq. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via filter functions. An attacker can obtain sensitive information from the application using this package, including...

CVSS 6.1 | AI score 5.3 | EPSS 0.00266
Exploits: 1 | References: 2
CNNVD
added 2021/07/06 12:0 a.m. | 2 views

IBM Guardium Data Encryption Information Disclosure Vulnerability

IBM Security Guardium Data Encryption is an American IBM software for securing sensitive data within an organization. The software protects assets located in cloud, virtual, big data and physical environments by controlling access to databases, files, applications and containers. An information...

CVSS 8.8 | AI score 5.4 | EPSS 0.00127
Exploits: 0 | References: 3
OSV
added 2020/04/08 2:15 p.m. | 1 views

CVE-2020-4289

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM...

CVSS 5.3 | AI score 5.8 | EPSS 0.00138
Exploits: 0 | References: 2
CNVD
added 2016/07/05 12:0 a.m. | 1 views

IBM WebSphere Application Server Liberty Profile Information Disclosure Vulnerability

IBM WebSphere Application Server (WAS) is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. Liberty Profile is a WAS dynamic server Liberty Profile is a...

CVSS 7.5 | AI score 9.2 | EPSS 0.00278
Exploits: 0 | References: 1
CNVD
added 2015/09/27 12:0 a.m. | 1 views

IBM WebSphere eXtreme Scale Information Disclosure Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution. IBM WebSphere Extreme Scale does not set a security flag for session cookies in SSL mode, allowing remote attackers to obtain cookie information by intercepting HTTP sessions...

CVSS 4.3 | AI score 6.5 | EPSS 0.00254
Exploits: 0 | References: 1