CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/11/01 6:30 a.m.•2 views

EUVD-2025-37421

The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the /wp-json/folderly/v1/config/clear-all-data REST API endpoint in all versions up to, and including, 0.3. This makes it possible for authenticated attackers, with...

4.3CVSS5.1AI score0.00038EPSS

Exploits0References3

OSV•added 2023/11/14 7:15 p.m.•0 views

CVE-2021-46766

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality...

5.5CVSS5.8AI score

Exploits0References3

Prion•added 2023/11/14 7:15 p.m.•18 views

Input validation

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality...

1.7CVSS6.8AI score0.00033EPSS

Exploits0References3Affected Software28

SUSE CVE•added 2023/02/15 5:34 a.m.•1 views

SUSE CVE-2013-5745

The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...

7.1CVSS6.9AI score0.18726EPSS

Exploits5References7

Github Security Blog•added 2022/05/17 4:58 a.m.•22 views

OpenStack Cinder LVMVolumeDriver does not zero deleted snapshots

The clearvolume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS6.2AI score0.00156EPSS

Exploits1References8Affected Software1

Prion•added 2021/11/05 11:15 p.m.•18 views

Authorization

Pomerium is an open source identity-aware access proxy. In affected versions changes to the OIDC claims of a user after initial login are not reflected in policy evaluation when using allowedidpclaims as part of policy. If using allowedidpclaims and a user's claims are changed, Pomerium can make...

6.5CVSS8.6AI score0.00238EPSS

Exploits0References2Affected Software1

OSV•added 2018/09/25 2:29 p.m.•0 views

UBUNTU-CVE-2018-6053

Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page...

3.3CVSS6.7AI score0.0017EPSS

Exploits0References3