25 matches found
EUVD-2015-8418
Malware in sbrugna...
EUVD-2004-0263
Malware in sbrugna...
EUVD-2006-0648
Malware in sbrugna...
EUVD-2024-37173
Malicious code in bioql PyPI...
PT-2025-26810 · Unknown · Network Printer
Name of the Vulnerable Software and Affected Versions: Brother, FUJIFILM, RICOH, Toshiba Tec, and Konica Minolta Printers affected versions not specified Description: An unauthenticated attacker with access to the HTTP service TCP port 80, HTTPS service TCP port 443, or IPP service TCP port 631 c...
CVE-2025-4673
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information...
CVE-2020-28025
Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...
CVE-2019-6655
On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data...
Adobe Animate Out-of-Bounds Read Vulnerability (CNVD-2025-07804)
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
CVE-2025-0192
A stored Cross-site Scripting XSS vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker can inject malicious scripts. When the modified HTML is shared with another user, the XSS payload executes, potentially...
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Ivanti Endpoint Manager EPM contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-29900
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability. Attackers can leak sensitive information by exploiting the vulnerability...
CVE-2024-13159
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-44125
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. A malicious application may be able to leak sensitive user information...
CVE-2024-38206
An authenticated attacker can bypass Server-Side Request Forgery SSRF protection in Microsoft Copilot Studio to leak sensitive information over a network...
USN-6589-1 filezilla vulnerability
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information...
CVE-2023-22480 KubeOperator is vulnerable to unauthorized access to system API
KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used t...
PT-2022-21478 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.5 Security Update 2022-005 Catalina is also a fixed version, implying that versions prior to this update are affected. Description: An out-of-bounds read issue was addressed with improved bounds checking. A user in ...
Code injection
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information...