Lucene search
K

19 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.6 views

CVE-2026-56322

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /updates endpoint that resolves the defaultChannel parameter before enforcing privacy restrictions, allowing attackers to enumerate private channels and leak version/config state. Unauthenticated attacke...

8.7CVSS5.9AI score0.00334EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 10:16 p.m.14 views

CVE-2026-49397

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.0 to before version 2.0.14, private services EnableShowInService: false are enumerable via per-server endpoints, leaking name and timing data. This issue has been patched in version...

5.3CVSS0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 1:39 p.m.13 views

GHSA-VRMH-5MMX-HJWX Nezha's private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data

Private services EnableShowInService: false are enumerable via per-server endpoints, leaking name and timing data CWE: CWE-285 Improper Authorization via CWE-200 Exposure of Sensitive Information to an Unauthorized Actor and CWE-863 Incorrect Authorization — inconsistent gating across data-reader...

5.3CVSS5.7AI score0.00253EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/24 3:52 p.m.12 views

Malicious code in power-platform-playwright-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57967d58233d74f2fc4f9b0dee7c050370eb388050df8d63f29e719f83468d73 On npm install, the package's postinstall script postinstall.js collects host identifiers and CI context — whoami, os.hostname, os.platform, cwd, CI,...

5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.11 views

HCL Sametime 安全漏洞

HCL Sametime is a conference solution developed by the Indian company HCL. There is a security vulnerability in HCL Sametime for iOS. This vulnerability stems from the leakage of sensitive information, which may lead to the inclusion of host name information in application logs and certain URLs...

3.3CVSS5.8AI score0.001EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27958

Malware in sbrugna...

5.3CVSS7.4AI score0.01561EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-55610

Malicious code in bioql PyPI...

6.3AI score0.00147EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/07/26 12:0 a.m.4 views

Comodo Dragon 安全漏洞

Comodo Dragon is a web browser from Comodo China. A security vulnerability exists in Comodo Dragon version 134.0.6998.179 and prior versions, which stems from a component IP DNS Leakage Detector that causes sensitive information to be transmitted in clear text...

6.3CVSS4.5AI score0.00433EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/07/27 12:0 a.m.5 views

NETGEAR WN604 安全漏洞

The NETGEAR WN604 is a small wireless router from NETGEAR. An information disclosure vulnerability exists in the NETGEAR WN604. An attacker can use this vulnerability to access the siteSurvey.php page to obtain sensitive information such as the SSID, security type, encryption method, and channel ...

6.9CVSS6.1AI score0.00493EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. Attackers have exploited the vulnerability to cause device name leakage...

5.5CVSS6.4AI score0.00236EPSS
Exploits0References8
Prion
Prion
added 2023/05/29 9:15 p.m.33 views

Design/Logic Flaw

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4CVSS4.7AI score0.00573EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2023/05/29 9:15 p.m.39 views

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4.3CVSS5.9AI score0.00573EPSS
Exploits1References2
OSV
OSV
added 2023/05/29 12:0 a.m.31 views

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4.3CVSS5AI score0.00573EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/05/29 12:0 a.m.10 views

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

6.6AI score0.00573EPSS
Exploits1References1
CVE
CVE
added 2023/05/29 12:0 a.m.245 views

CVE-2022-41766

MediaWiki contains a vulnerability (CVE-2022-41766) where, during action=rollback, the alreadyrolled message can leak the username of users who have been revision deleted or suppressed. Affected versions are: before 1.35.8; 1.36.x; and 1.37.x before 1.37.5; and 1.38.x before 1.38.3. Remediation p...

4.3CVSS4.3AI score0.00573EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2023/05/29 12:0 a.m.39 views

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4.3CVSS4.5AI score0.00573EPSS
Exploits1
OSV
OSV
added 2019/08/12 9:15 p.m.4 views

CVE-2019-13417

Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names but not values for fields which are not allowed for the user when field level security FLS is activated...

5.3CVSS5.9AI score0.01104EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/05/04 11:21 p.m.12 views

New Relic: Permissions leaks the full name of other NR accounts - Regression of #267636

One more before I run to dinner... Steps to Reproduce: 1. Add a user to your account 1. Enter "123" as the name and "[email protected]" as the email 1. Make them a "user" base role. 1. Click add user button. 2. Navigate to https://synthetics.newrelic.com/accounts/1523936/permissions 3. Create a...

0.3AI score
Exploits0
CNVD
CNVD
added 2018/03/28 12:0 a.m.3 views

Multiple Vulnerabilities in CoverCMS V1.16

CoverCMS is a content management system CMS. The system features multi-content distribution, scalability and multi-content type support. CoverCMS V1.16 suffers from reinstallation, information leakage, brute force, stored cross-site scripting and reflected cross-site scripting vulnerabilities...

5.9AI score
Exploits0
Rows per page
Query Builder