CVE-2023-37525 HCL BigFix Compliance is vulnerable to a sensitive information disclosure

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals...

Newgen OmniDocs security vulnerabilities

Newgen OmniDocs is an enterprise content management suite provided by Newgen Corporation. There is a security vulnerability in Newgen OmniDocs, which stems from the lack of authentication and access control on the /omnidocs/GetListofCabinet API endpoint. This vulnerability could allow remote...

ownCloud < 10.15.1 Information Disclosure Vulnerability

ownCloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud";...

Design/Logic Flaw

An issue was discovered in Zammad before 6.2.0. It uses the public endpoint /api/v1/signshow for its login screen. This endpoint returns internal configuration data of user object attributes, such as selectable values, which should not be visible to the public...