1637 matches found
Spring MVC Framework - Local File Inclusion
Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources e.g. CSS, JS, images. A malicious user can send a request using a...
CVE-2026-58291
CVE-2026-58291 affects Microsoft Edge (Chromium-based). The description indicates an information disclosure vulnerability where an attacker can disclose data by operating on a resource after expiration or release. CVSSv3.1 metrics cite Network attack, high complexity, no privileges required, user...
CVE-2026-58300 Microsoft Edge for Android Information Disclosure Vulnerability
...
CVE-2026-58297
CVE-2026-58297 affects Microsoft Edge for Android. The issue is an information disclosure that allows an unauthorized attacker to exfiltrate private personal information over a network. According to the sources, the CVSS v3.1 base score is 7.1 (HIGH) with network attack vector, no privileges requ...
CVE-2026-9836 IBM DataStage Flow Designer application is affected by an information disclosure vulnerability
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...
EUVD-2026-40378
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...
CVE-2018-25437
WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download sensitive backup files by accessing the downloadbackup.php endpoint. Attackers can directly access the downloadbackup.php script in the admin/datamanagement...
EUVD-2026-35465
An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this...
CVE-2026-42970 Windows Push Notification Information Disclosure Vulnerability
...
CVE-2026-45604 Windows Managed Installer Information Disclosure Vulnerability
...
CVE-2026-42835 Microsoft Teams for Android Information Disclosure Vulnerability
...
CVE-2026-45502 Microsoft Exchange Server Information Disclosure Vulnerability
...
CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability
...
CVE-2026-0411 A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites
An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...
CVE-2026-47655
CVE-2026-47655 describes an information-disclosure vulnerability in Microsoft Graph. An authorized attacker could disclose sensitive data over a network due to a root cause that enables exposure to an attacker with Network access, Low complexity and Low privileges, with no user interaction. The C...
CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-23663
CVE-2026-23663 (Microsoft Global Secure Access) is a vulnerability described as an information disclosure issue stemming from improper privilege management in Azure Entra ID, enabling a network-based attacker with no user interaction to achieve privilege elevation and access confidential data. Th...
CVE-2026-23663 Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability
...
CVE-2026-0240 Trust Protection Foundation: Sensitive Information Disclosure Vulnerability
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify...
CVE-2026-41107
CVE-2026-41107 describes an information disclosure in Microsoft Edge (Chromium-based) caused by external control of a file name or path. The vulnerability affects Microsoft Edge for Android and the Chromium-based Edge on other platforms. The underlying issue enables an unauthorized attacker to di...