61 matches found
CVE-2026-31909
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...
CVE-2026-34087
CVE-2026-34087 affects Wikimedia Foundation OATHAuth. The connected documents confirm the issue is an exposure of sensitive information to an unauthorized actor, with affected OATHAuth versions listed as before 1.43.7, 1.44.4, 1.45.2. The exploitation status is not provided in the sources. There ...
Hitachi Energy RTU500 Product Improper Handling of Insufficient Permissions or Privileges (CVE-2026-1772)
RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser development utilities to access them without required privileges. This plugin only works with Tenable.ot...
PT-2026-4384
Name of the Vulnerable Software and Affected Versions webpushr versions through 4.38.0 Description A flaw exists in webpushr webpushr-web-push-notifications that could allow retrieval of embedded sensitive data. This issue relates to the exposure of sensitive system information to an unauthorized...
CVE-2018-19947
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later...
Grav Exposes Password Hashes Leading to privilege escalation
Exposure of Password Hashes Leading to privilege escalation Severity Rating: Medium Vector: Privilege Escalation CVE: XXX CWE: 200 - Exposure of Sensitive Information CVSS Score: 6.2 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L Analysis It was observed that if a users is given read...
Siemens SIMATIC S7-1500 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2019-1010024)
DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate this is being treated as a non-security bug and no real threat. This plugin only works with...
EUVD-2025-35173
Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beyaz Bilgisayar Software Design Industry and Trade Ltd. Co. CityPLus allows Detect Unpublicized Web Pages.This issue affects CityPLus: before...
EUVD-2011-4223
Malware in sbrugna...
EUVD-2015-6635
Malware in sbrugna...
EUVD-2020-18461
Malware in sbrugna...
EUVD-2014-3005
Malware in sbrugna...
EUVD-2024-19648
Malicious code in bioql PyPI...
EUVD-2021-31311
Malicious code in bioql PyPI...
EUVD-2023-31483
Malicious code in bioql PyPI...
EUVD-2025-14850
Malicious code in bioql PyPI...
EUVD-2022-44525
Malicious code in bioql PyPI...
EUVD-2022-4760
Malicious code in bioql PyPI...
EUVD-2024-25279
Malicious code in bioql PyPI...
EUVD-2024-19839
Malicious code in bioql PyPI...