45 matches found
RHSA-2026:0470
creationtimestamp| type| source ---|---|--- 2026-01-12 18:58:32+00:00| seen| https://gist.github.com/Darkcrai86/253a340cf22f25cccc4d5a86436ba41b...
CVE-2021-31547
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules...
CVE-2023-49283
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at...
Information Disclosure
github.com/siderolabs/omni is vulnerable to an information disclosure. The vulnerability is due to sensitive data being leaked through an API, which allows an attacker to access exposed information...
CVE-2025-52630
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue affects AION: 2.0...
EUVD-2018-12947
Malware in sbrugna...
EUVD-2021-28231
Malicious code in bioql PyPI...
EUVD-2022-28564
Malicious code in bioql PyPI...
EUVD-2022-29642
Malicious code in bioql PyPI...
EUVD-2021-8709
Malicious code in bioql PyPI...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via an anonymously accessible endpoint that reveals details about configured password requirements. An attacker can gain insight into password policy information...
CVE-2024-32716
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StreamWeasels StreamWeasels Twitch Integration.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.8...
CVE-2025-46826
insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information name and number. However, the issue posed minimal risk, was never exploited, and had limited...
Khan Academy: Leaked reused password for a few Khan Academy users
A large number of Khan Academy user credentials, including emails and passwords, were exposed through a Telegram bot. The exact source of the leaked data is unknown, but the volume of exposed information was substantial...
CVE-2025-30654
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information. Through the execution of a specific...
Doxbin Data Breach: Hackers Leak 136K User Records and Blacklist File
Doxbin Data Breach: Hackers leak 136,000+ user records, emails, and a ‘blacklist’ file, exposing those who paid to…...
PT-2025-2599 · Joomla +2 · Joomla! +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to improper access controls, which allow unauthorized access to protected views. This could potentially lead to sensitive informati...
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Apache Airflow lies in the fact that it exposes information in debugging messages, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Apache Airflow lies in the exposure of information in debugging messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...
Misconfiguration in message sending function
Description Web application misconfiguration in messaging function. This vulnerability results in a user's messages being automatically sent to all other users. This results in the user's information potentially being exposed Proof of Concept link video Poc...
PT-2023-13711 · Mediawiki · Mediawiki Checkuser Extension
Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.39.x Description: An issue in the CheckUser extension for MediaWiki exposes information on the performer of edits and logged actions, which should only be viewable by users with suppression or...