PT-2026-42183

Dell PowerFlex Manager, versions =4.6.2, contains an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

CVE-2025-52641

Technical details are not publicly available in the provided documents. Monitor for updates.

PT-2025-41537

Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description A security issue exists in HCL AION that can lead to the exposure of sensitive information to an unauthorized actor. Recommendations At the moment, there is no information about a newer version that contains a...

Unity Linux 20.1060a / 20.1070a Security Update: nodejs-nodemon (UTSA-2025-003048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-003048 advisory. node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Tenable has extracted the preceding description block directly from the Unity...

EUVD-2025-15554

Malicious code in bioql PyPI...

EUVD-2024-36458

Malicious code in bioql PyPI...

EUVD-2024-48663

Malicious code in bioql PyPI...

EUVD-2023-26582

Malicious code in bioql PyPI...

EUVD-2025-7316

Malicious code in bioql PyPI...

CVE-2025-8548

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...

CVE-2025-4909 SourceCodester Client Database Management System exposure of information through directory listing

A vulnerability classified as critical was found in SourceCodester Client Database Management System 1.0. This vulnerability affects unknown code. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to t...

CVE-2025-46747

CVE-2025-46747 relates to an information disclosure where an authenticated user lacking user-management privileges can identify other user accounts. Connected sources reference Schweitzer Engineering Laboratories products (e.g., SEL-5033 acSELerator RTAC Software and related devices) and note thi...

CVE-2022-49878

In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fix memory leak in array reallocation for stack state If an error NULL is returned by krealloc, callers of reallocarray were setting their allocation pointers to NULL, but on error krealloc does not touch the...

Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H Exposure of Sensitive Information to an Unauthorized Actor (CVE-2024-12142)

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked. This plugin only works...

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

CVE-2024-45469

creationtimestamp| type| source ---|---|--- 2024-12-12 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-09 2025-01-22 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-056/...

CVE-2024-3073 Easy WP SMTP by SendLayer <= 2.3.0 - Exposure of Sensitive Information via the UI

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possibl...

GHSA-4G9R-VXHX-9PGX

creationtimestamp| type| source ---|---|--- 2024-02-21 15:41:35+00:00| published-proof-of-concept| https://t.me/arpsyndicate/3855 2025-06-16 20:20:39+00:00| seen| https://gist.github.com/safer-bot/8eded6b925c160dc08c1b28d51d6c0c3 2025-06-17 01:00:32+00:00| seen|...

Exposure of Sensitive Information

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information via a brute force attack. An attacker can collect valid usernames by repeatedly attempting to authenticate with different usernames. Remediation Upgrade Umbraco.Cms to version 10.8.1, 12.3.4 or higher...

PT-2023-25609 · Unknown · Email Download Link

Name of the Vulnerable Software and Affected Versions: Gopi Ramasamy Email download link versions from n/a through 3.7 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor, which affects the Email download link. Recommendations: For versions from n/a...