CVE-2024-31398

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...

CVE-2024-31398

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...

CVE-2024-31398

CVE-2024-31398 affects Cybozu Garoon 5.0.0 to 5.15.2. The issue is an information disclosure where sensitive data can be exposed from the user list when an attacker who can log in to the product exploits the flaw (insertion of sensitive information into sent data). The connected sources confirm t...

CVE-2024-31398

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...

CVE-2024-31398

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

CVE-2024-31404

CVE-2024-31404 affects Cybozu Garoon 5.5.0–6.0.0. The issue is a Scheduler browsing restriction bypass that may let an authenticated user view Scheduler data. Impact: information disclosure by a logged-in user. Remediation: update Cybozu Garoon to the latest version per vendor guidance. (Public s...

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

CVE-2024-31400

Cybozu Garoon 5.0.0–5.15.0 contains an information-disclosure vulnerability where sensitive data can be left in forwarded mail (CVE-2024-31400). Red Hat and other sources confirm the issue affects information sent via mail and can lead to unintended data exposure. The root cause is described as i...

CVE-2024-31400

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail...

Oracle Java SE 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a suite of on-the-fly compilers written in the Java languag...

The vulnerability of the XWiki Platform, a platform for creating collaborative web applications, lies in its lack of protection for website structures. This allows attackers to insert arbitrary information into wiki projects.

The vulnerability of the XWiki Platform lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to insert arbitrary information into the wiki project remotely...

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

Authentication flaw

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVE-2023-32468

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

CVE-2023-2620 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions...

CVE-2023-29725

The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting...

CVE-2023-29725

The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting...