CVE-2025-12059

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9...

Kings KESS Enterprise 安全漏洞

Kings KESS Enterprise is an endpoint security management and document encryption system from the Korean company Kings. A security vulnerability exists in previous versions of Kings KESS Enterprise .25.9.19.Exe, which stems from the exposure of sensitive information, lack of encryption, and...

Insertion of Sensitive Information into Externally-Accessible File or Directory

Overview storybook is a frontend workshop for building UI components and pages in isolation. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory via the storybook build command. An attacker can access sensitive...

Insertion of Sensitive Information into Externally-Accessible File or Directory

Overview @storybook/core-common is a Storybook framework-agnostic API Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory via the storybook build command. An attacker can access sensitive environment variables by...

CVE-2025-46602

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

CVE-2025-46602

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

CVE-2025-46602

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

EUVD-2025-4394

Malicious code in bioql PyPI...

Apache Kylin 安全漏洞

Apache Kylin is the United States Apache Apache Foundation of an open source distributed analytical data warehouse . The product mainly provides Hadoop/Spark on top of the SQL query interface and multidimensional analysis OLAP and other functions. An information disclosure vulnerability exists in...

CVE-2025-6785

Securing externally available CAN wires can easily allow physical access to the CAN bus, allowing possible injection of specially formed CAN messages to control remote start functions of the vehicle. Testing completed on Tesla Model 3 vehicles with software version v11.1 2023.20.9 ee6de92ddac5...

Dell SmartFabric OS10 Software 安全漏洞

DELL SmartFabric OS10 Software is a software-defined network operating system from Dell Networks, based on Linux and open source technologies, and is primarily used to enable flexible management and automated deployment of data center network resources. DELL SmartFabric OS10 Software has a...

Schneider Electric ConneXium Network Manager 安全漏洞

Schneider Electric ConneXium Network Manager Schneider Electric Cnm is an industrial Ethernet network management software from Schneider Electric France. A security vulnerability exists in Schneider Electric ConneXium Network Manager version V2.0.01, which originates from an externally accessible...

CVE-2025-31421 WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through = 3.2.0...

WordPress plugin Import and export users and customers 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Import...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

Omron PLC CJ and CS Series

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Omron Equipment : PLC CJ and CS Series Vulnerabilities : Authentication Bypass by Spoofing, Authentication Bypass by Capture-replay, Unrestricted Externally Accessible Lock 2. UPDATE This updated...

Omron PLC 1.0.0 - Denial of Service Exploit

Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 : Unrestricted Externally Accessible Lock CVE : n/a !usr/bin/python...

Mitsubishi Electric MELSEC-Q Series Ethernet Interface Module Vulnerabilities

OVERVIEW Security researcher Vladimir Dashchenko of Critical Infrastructure Defense Team, Kaspersky Lab has identified vulnerabilities in the Mitsubishi Electric Automation, Inc. Mitsubishi Electric MELSEC-Q series Ethernet interface modules. NCCIC/ICS-CERT and JPCERT have coordinated the reporte...