CVE-2026-34391 Fleet Vulnerable to Windows MDM cross-device command disclosure

Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...

CVE-2021-36184

A improper neutralization of Special Elements used in an SQL Command 'SQL Injection' in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests...

Improper access control

VMware AirWatch Console AWC contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator...

Information about LenovoEMC devices may be disclosed if the device has an Internet-accessible management interface

Lenovo Security Advisory: LEN-3846 Potential Impact: Disclosure of information about device Severity:Low Summary: An unauthenticated user may be able to view device information about the LenovoEMC device if the management interface accessible over the internet. Even with this vunerability, no dat...

KPMG-2002033: Resin DOS device path disclosure

-------------------------------------------------------------------- Title: Resin DOS device path disclosure BUG-ID: 2002033 Released: 17th Jul 2002 -------------------------------------------------------------------- Problem: ======== It is possible to disclose the physical path to the webroot...