47 matches found
Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal
Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API. id: CVE-2018-19365 info: name: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal author: 0xAkoko severity: critical...
EUVD-2021-18332
Malware in sbrugna...
EUVD-2022-37794
Malicious code in bioql PyPI...
EUVD-2025-12186
Malicious code in bioql PyPI...
EUVD-2024-19984
Malicious code in bioql PyPI...
CVE-2023-33355
IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information...
CVE-2023-46662
Sielco PolyEco1000 is vulnerable to an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this via a specially crafted request to gain access to sensitive information...
CVE-2022-43650
This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-18789
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 befor...
CVE-2025-1212 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab
An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information...
CVE-2024-35111 IBM Control Center information disclosure
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2024-41780 IBM Jazz Foundation information disclosure
IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry...
CVE-2024-12754
AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2024-52897
CVE-2024-52897 affects IBM MQ web console. The IBM security bulletins describe that an attacker could obtain sensitive information when a detailed technical error message is returned. Affected: IBM MQ Appliance 9.3 LTS/CD and 9.4 LTS/CD (web console). Remediation/fix: apply the cumulative securit...
CVE-2021-39081 IBM Cognos Analytics Mobile information disclosure
IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager information disclosure
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man i...
FreeBSD Information Disclosure Vulnerability (CNVD-2025-09232)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD has an information disclosure vulnerability that can be exploited by attackers to gain access to sensitive information...
Google Android Information Disclosure Vulnerability (CNVD-2024-27516)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
Huawei HarmonyOS and EMUI Information Disclosure Vulnerability (CNVD-2024-12232)
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI have an information disclosu...
Google Android Information Disclosure Vulnerability (CNVD-2024-01377)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...