205 matches found
WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure
WordPress Simply Schedule Appointments plugin before 1.5.7.7 is susceptible to information disclosure. The plugin is missing authorization in a REST endpoint, which can allow an attacker to retrieve user details such as name and email address. id: CVE-2022-2373 info: name: WordPress Simply Schedu...
D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure
D-LINK DIR-845L DEVICE.ACCOUNT" - "" condition: and - type: status status: - 200 digest: 4a0a004730450220107b3299f9af1ebc573e50c93fb1f6231e4f9706409a3f246051c3b48ebf1fcf022...
Seriously Simple Podcasting < 3.0.0 - Information Disclosure
The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address which by default is the admin email address via an unauthenticated crafted request. id: CVE-2023-6444 info: name: Seriously Simple Podcasting 3.0.0 - Information Disclosure author: s4e-io...
AnythingLLM - Information Disclosure
AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...
Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive information via a crafted API call. id: CVE-2022-34534 info: name: Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure author: ritikchaddha severity: high description: | Digital Watchdog DW...
RHEL 9 : xorg-x11-server-Xwayland (RHSA-2026:20562)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20562 advisory. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer...
Node.js: Node.js: Information disclosure via timing oracle in HMAC verification
A flaw was found in Node.js. The HMAC (Hash-based Message Authentication Code) verification process uses a comparison method that does not take a constant amount of time. This non-constant-time comparison can leak timing information, which, under specific conditions where precise timing measurement...
CVE-2026-32927
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!settemptypedefault. Opening a crafted V7 file may lead to information disclosure from the affected product...
Fedora: Security Advisory (FEDORA-2026-39819a3d62)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-32600
A flaw was found in xml-security, a library for XML signatures and encryption. This vulnerability arises from a lack of validation for the authentication tag length in XML nodes encrypted with AES-GCM (Advanced Encryption Standard Galois/Counter Mode). A remote attacker can exploit this by...
CVE-2025-33231
NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...
Updated libsoup3 & libsoup packages fix security vulnerabilities
Libsoup: heap buffer over-read in skipinsignificantspace when sniffing content. CVE-2025-2784 Libsoup: denial of service attack to websocket server. CVE-2025-32049 Libsoup: integer overflow in appendparamquoted. CVE-2025-32050 Libsoup: segmentation fault when parsing malformed data uri...
Amazon Linux 2023 : cuda-nvrtc-13, cuda-nvrtc-devel-13 (ALAS2023NVIDIA-2025-171)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-171 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successfu...
[SECURITY] [DLA 4309-1] libxslt security update
Debian LTS Advisory DLA-4309-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 25, 2025 https://wiki.debian.org/LTS Package : libxslt Version : 1.1.34-4+deb11u3 CVE ID : CVE-2023-40403 CVE-2025-7424 Debian Bug : 1108074 1109123 Two vulnerabilities were...
CVE-2023-31041
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure...
CVE-2025-4901
A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R68125. Affected by this vulnerability is the function sub41E304 of the file /H5/stateview.data of the component HTTP Endpoint. The manipulation leads to information disclosure. The attack can only be done within...
CVE-2023-50212
D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability...
CVE-2023-42084
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...
openSUSE Security Advisory (SUSE-SU-2024:0808-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
ASB-A-300007708
In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...