Lucene search
K

1637 matches found

Nuclei
Nuclei
added yesterday102 views

Spring MVC Framework - Local File Inclusion

Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources e.g. CSS, JS, images. A malicious user can send a request using a...

5.9CVSS7AI score0.35681EPSS
Exploits1References5
CVE
CVE
added 5 days ago12 views

CVE-2026-58291

CVE-2026-58291 affects Microsoft Edge (Chromium-based). The description indicates an information disclosure vulnerability where an attacker can disclose data by operating on a resource after expiration or release. CVSSv3.1 metrics cite Network attack, high complexity, no privileges required, user...

6.1CVSS5.9AI score0.00586EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-58300 Microsoft Edge for Android Information Disclosure Vulnerability

...

6.2CVSS0.00361EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-58297

CVE-2026-58297 affects Microsoft Edge for Android. The issue is an information disclosure that allows an unauthorized attacker to exfiltrate private personal information over a network. According to the sources, the CVSS v3.1 base score is 7.1 (HIGH) with network attack vector, no privileges requ...

7.1CVSS5.9AI score0.00316EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:4 p.m.36 views

CVE-2026-9836 IBM DataStage Flow Designer application is affected by an information disclosure vulnerability

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

3.5CVSS0.00241EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:4 p.m.7 views

EUVD-2026-40378

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

3.5CVSS5.8AI score0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 2:16 p.m.13 views

CVE-2018-25437

WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...

8.7CVSS0.00287EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.21 views

EUVD-2026-35465

An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this...

7.2CVSS5.4AI score0.00278EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/09 5:6 p.m.9 views

CVE-2026-42970 Windows Push Notification Information Disclosure Vulnerability

...

5.5CVSS5.4AI score0.00404EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.9 views

CVE-2026-45604 Windows Managed Installer Information Disclosure Vulnerability

...

5.5CVSS5.4AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.27 views

CVE-2026-42835 Microsoft Teams for Android Information Disclosure Vulnerability

...

8.1CVSS0.01259EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.39 views

CVE-2026-45502 Microsoft Exchange Server Information Disclosure Vulnerability

...

5CVSS0.00464EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.30 views

CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability

...

3.3CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.8 views

CVE-2026-0411 A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites

An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...

7.2CVSS5.3AI score0.00278EPSS
Exploits0References6
CVE
CVE
added 2026/06/04 10:0 p.m.23 views

CVE-2026-47655

CVE-2026-47655 describes an information-disclosure vulnerability in Microsoft Graph. An authorized attacker could disclose sensitive data over a network due to a root cause that enables exposure to an attacker with Network access, Low complexity and Low privileges, with no user interaction. The C...

6.5CVSS5.8AI score0.00756EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 10:0 p.m.8 views

CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability

...

6.5CVSS5.4AI score0.00732EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 10:4 p.m.36 views

CVE-2026-23663

CVE-2026-23663 (Microsoft Global Secure Access) is a vulnerability described as an information disclosure issue stemming from improper privilege management in Azure Entra ID, enabling a network-based attacker with no user interaction to achieve privilege elevation and access confidential data. Th...

7.5CVSS5.8AI score0.00551EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/22 10:4 p.m.28 views

CVE-2026-23663 Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability

...

7.5CVSS0.00551EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 6:54 p.m.32 views

CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify...

7.4CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.21 views

CVE-2026-41107

CVE-2026-41107 describes an information disclosure in Microsoft Edge (Chromium-based) caused by external control of a file name or path. The vulnerability affects Microsoft Edge for Android and the Chromium-based Edge on other platforms. The underlying issue enables an unauthorized attacker to di...

7.4CVSS5.8AI score0.00652EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder