CVE-2025-15634

CVE-2025-15634: In HCL BigFix WebUI, a missing authorization flaw lets an authenticated user with LOW privileges view sensitive environmental information via direct URL access to an unauthorized page. Impact: confidentiality (environmental data) exposed; attack vector: network; complexity: low; r...

HCL BigFix WebUI 安全漏洞

HCL BigFix WebUI is a web-based administration page from HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an authorization gap that could result in an authenticated user without appropriate privileges accessing an unauthorized page to view sensitive environmental...

DELL BSAFE Crypto-J Information Disclosure Vulnerability

DELL BSAFE Crypto-J is a cryptographic toolkit developed by Dell to help developers add privacy and authentication features to applications. An information disclosure vulnerability exists in DELL BSAFE Crypto-J, which stems from an error message that contains sensitive environmental information a...

Dell Crypto-J 安全漏洞

DELL BSAFE Crypto-J is a cryptographic toolkit developed by Dell to help developers add privacy and authentication features to applications. An information disclosure vulnerability exists in DELL BSAFE Crypto-J, which stems from an error message that contains sensitive environmental information a...

CVE-2022-24797

Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of service conditions. This...

CVE-2022-23726

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information...