63 matches found
CVE-2026-45544 Nextcloud: Information Disclosure of view filter metadata via Broken Sensitive Data Masking in ViewService
Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...
PT-2026-41971
Summary: The original fix for GHSA-3v3m-wc6v-x4x3 is incomplete. argocd app diff --server-side-diff can still expose Kubernetes Secret values embedded in the kubectl.kubernetes.io/last-applied-configuration annotation. The prior fix masks top-level Secret data in ServerSideDiff responses, but it...
Information Disclosure
Argo CD is vulnerable to Information Exposure. The vulnerability is due to missing authorization and insufficient data masking in the ServerSideDiff endpoint, which allows an attacker with read-only access to extract plaintext Kubernetes Secret data through the Server-Side Apply dry-run mechanism...
Information Disclosure of view filter metadata via Broken Sensitive Data Masking in ViewService
CVE-2026-42880
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...
[SECURITY] Fedora 44 Update: postgresql16-anonymizer-3.0.5-2.fc44
PostgreSQL Anonymizer is an extension to mask or replace personally identifiable information (PII) or commercially sensitive data from a PostgreSQL database. The project has a declarative approach of anonymization. This means you can declare the masking rules using the PostgreSQL Data Definition...
Introducing the Generative Application Firewall (GAF)
This paper introduces the Generative Application Firewall (GAF), a new architectural layer for securing LLM applications. Existing defenses -- prompt filters, guardrails, and data-masking -- remain fragmented; GAF unifies them into a single enforcement point, much like a WAF coordinates defenses fo...
EUVD-2021-25408
Malware in sbrugna...
EUVD-2020-22776
Malware in sbrugna...
EUVD-2022-27499
Malicious code in bioql PyPI...
New in Syteca Release 7.21: Agentless Access, Sensitive Data Masking, and Smooth Session Playback
Waltham, United States, 17th September 2025, CyberNewsWire...
Cryptographic Challenges: Masking Sensitive Data in Cyber Crimes through ASCII Art
The use of ASCII art as a novel approach to masking sensitive information in cybercrime, focusing on its potential role in protecting personal data during the delivery process and beyond, is presented. By examining the unique properties of ASCII art and its historical context, this study discusse...
Sensitive Information Disclosure
sentry-android is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate data masking of sensitive data appearing in Jetpack Compose text composables during Android session replays under specific configurations...
CVE-2025-5690 Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the...
CVE-2020-2983
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
Release Information for Veeam Backup for Salesforce 3 Cumulative Patches
Requirements: Please confirm that you are running Veeam Backup for Salesforce 3 build 3.1.2.3133 or earlier before upgrading. You can find the currently installed build number in the Configuration About section. After the upgrade, the Veeam Backup for Salesforce build number will be 3.2.0.3957...
Microsoft SQL Server Masked Data Exposure
Title: SQL Server Masked Data Exposure Through Brute Force Attack; Product: Database; Manufacturer: Microsoft; Affected Versions: SQL Server 2014, 2016, 2017, 2019, 2022; Tested Versions: SQL Server 2014, 2016, 2017, 2019, 2022; Risk Level: Low; Security Feature: Dynamic Data Masking; Author of Advisory: Emad...
Sensitive Information Into Log File
jberet-core is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to missing data masking during logging via the getConnection method within JdbcRepository.java. It occurs when error messages include sensitive information, such as database connection properti...
Oracle DBMS_REDACT Dynamic Data Masking Bypass Vulnerability
Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c. Title: Bypassing DBMS_REDACT Dynamic Data Masking security feature in Oracle database system; Product: Database; Manufacturer: Oracle; Affected...