Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-8009

Malware in sbrugna...

6.5CVSS8.2AI score0.00891EPSS
Exploits0References21
OpenVAS
OpenVAS
added 2025/08/20 12:0 a.m.4 views

Nginx 0.7.22 - 1.29.0 Information Disclosure Vulnerability

Nginx is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nginx:nginx";...

6.3CVSS6.1AI score0.00371EPSS
Exploits0References2
NVD
NVD
added 2025/07/07 7:15 p.m.6 views

CVE-2025-53498

Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2...

5.3CVSS0.00246EPSS
Exploits0References2
CVE
CVE
added 2025/07/07 6:35 p.m.22 views

CVE-2025-53498

CVE-2025-53498 affects Wikimedia Foundation MediaWiki - AbuseFilter Extension. Affected: AbuseFilter extension versions 1.43.X before 1.43.2. Root cause: insufficient logging/audit trails potentially enabling data leakage (data leakage attacks). Impact: confidential data could be exposed due to l...

5.3CVSS6.5AI score0.00246EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.4 views

The vulnerability of the Segnetics SMConfig system configuration tool lies in the lack of protection for transmitted data, which allows attackers to disclose the protected information.

The vulnerability of the Segnetics SMConfig system configuration tool is related to the lack of protection for transmitted data. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by reading the HTTP cookie header...

6.1CVSS5.4AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/22 12:0 a.m.5 views

AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2025:3997)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:3997 advisory. modauthopenidc: modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data CVE-2025-31492 Tenable has extracted the preceding description blo...

8.2CVSS6.5AI score0.00542EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/09/18 2:26 p.m.18 views

org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users

Impact It's possible to get access to notification filters of any user by using a URL such as xwiki/bin/get/XWiki/Notifications/Code/NotificationFilterPreferenceLivetableResults?outputSyntax=plain&type=custom&user=. This vulnerability impacts all versions of XWiki since 13.2-rc-1. The filters do...

5.3CVSS6.4AI score0.0055EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2024/05/15 10:28 p.m.23 views

GHSA-QWVP-268G-JJM8 Data Leakage Vulnerability in livewire/livewire

livewire/livewire versions greater than 2.2.4 and less than 2.2.6 are affected by a data leakage vulnerability. The $this-validate method, which is expected to return only the validated dataset, was returning all properties of the Livewire component. This regression introduced a security risk,...

7AI score
Exploits0References4
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.4 views

Hathway Router CM5100 Cross-Site Scripting Vulnerability

Hathway Router is a router from Hathway India. The Hathway Router CM5100 suffers from a cross-site scripting vulnerability that stems from multiple vulnerabilities in the router, which could allow a remote attacker to perform a stored cross-site scripting XSS attack, obtain sensitive information,...

6.9CVSS6.1AI score0.00358EPSS
Exploits0References3
OSV
OSV
added 2023/09/27 3:19 p.m.7 views

CVE-2023-44127

he vulnerability is that the Call management "com.android.server.telecom" app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/19 12:0 a.m.1 views

Information Disclosure Vulnerability in Zijin Bridge Monitoring Configuration Software (CNVD-2020-59819)

Zijinqiao monitoring and configuration software is a professional Zijinqiao monitoring and configuration software, which adopts C/S architecture and has database processing technology and graphic system. There is an information leakage vulnerability in Zijinqiao Monitoring and Control Software. A...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/04/27 9:48 a.m.39 views

GDPR.EU has er… a data leakage issue

GDPR.EU is an advice site ‘operated by Proton Technologies AG, co-funded by … the EU Horizon Framework’. It’s full of useful advice for organisations that need to comply with GDPR. Whilst it isn’t an official EU Commission site, it is partly funded by the EU. You may also be familiar with Proton...

6.7AI score
Exploits0
Cvelist
Cvelist
added 2020/02/28 6:37 p.m.35 views

CVE-2020-1861

CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some...

4.5AI score0.0022EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/27 12:0 a.m.2 views

Google Chrome Cross-Origin Data Leakage Vulnerability

Chrome is a web browsing tool developed by Google. A cross-origin data leakage vulnerability exists in Google Chrome versions prior to 72.0.3626.81. The vulnerability stems from an improper implementation of JavaScript in Chrome. A remote attacker can exploit the vulnerability to leak cross-origi...

5.3CVSS8.2AI score0.00839EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/18 7:55 p.m.18 views

CVE-2019-10763

pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges classes permission can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a...

6.8AI score0.00866EPSS
Exploits0References2
OSV
OSV
added 2017/11/17 12:29 a.m.3 views

CVE-2017-15517

AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution...

5.5CVSS5.8AI score0.0037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/07/07 12:0 a.m.26 views

Fedora 12 : mediawiki-1.15.3-53.fc12 (2010-6335)

This is a security and bugfix release of MediaWiki 1.15.3. Three security issues are fixed in this update: A CSS validation issue was discovered which allows editors to display external images in wiki pages. A data leakage vulnerability was discovered in thumb.php which affects wikis which restri...

5CVSS5.4AI score0.0176EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2010/04/27 12:0 a.m.25 views

openSUSE Security Update : mediawiki (openSUSE-SU-2010:0154-1)

MediaWiki was prone to a CSS validation flaw and data leakage vulnerability CVE-2010-1189, CVE-2010-1190. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mediawiki-2356. The text description o...

5CVSS5.3AI score0.0176EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.25 views

HP-UX Security patch : PHNE_28535

The remote host is missing HP-UX Security Patch number PHNE28535 . SSRT3451 Potential Security Vulnerability in HP-UX network drivers Data Leakage rev. 01 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc';...

6.7AI score
Exploits0References1
Rows per page
Query Builder