26 matches found
Kentico Xperience Information Disclosure Vulnerability
Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that can be exploited by an attacker to cause exposure of internal network details...
PT-2025-50496
Name of the Vulnerable Software and Affected Versions ESP32 affected versions not specified Description An enabled UART download mode on the ESP32 chip allows an attacker to extract sensitive data from the flash memory, including Wi-Fi network details stored in the NVS partition. This access also...
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
CVE-2022-4870
In affected versions of Octopus Deploy it is possible to discover network details via error message...
Information Leakage
symfony/http-client is vulnerable to IP/port enumeration. The vulnerability is due to improper handling of IP filtering in the NoPrivateNetworkHttpClient, which fails to block certain IPs early enough during host resolution, allowing an attacker to enumerate IP addresses and ports, potentially...
Apache CloudStack Information Disclosure Vulnerability (CNVD-2024-35665)
Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. An information disclosure vulnerability exists in Apache CloudStack...
CVE-2024-42222 Apache CloudStack: Unauthorised Network List Access
In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list access of network details for domain admin and normal user accounts. This vulnerability compromises tenant isolation, potentially leading to unauthorised access to network details, configurations and...
Windows Network Config Enumeration
Enumerates Windows network configuration details. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid176477; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/07/29"; scriptnameenglish:"Windows Network Config Enumeration";...
CVE-2022-4870
In affected versions of Octopus Deploy it is possible to discover network details via error message...
CVE-2022-4870
In affected versions of Octopus Deploy it is possible to discover network details via error message...
CVE-2022-4870
In affected versions of Octopus Deploy it is possible to discover network details via error message...
Code injection
In affected versions of Octopus Deploy it is possible to discover network details via error message...
CVE-2022-4870
CVE-2022-4870 affects Octopus Deploy; the issue is information disclosure via error messages that reveal network details. The provided documents confirm the vulnerability is tied to Octopus Deploy and involve disclosure of network information through error output. Exploitation status is not detai...
PT-2023-15886 · Unknown · Octopus Deploy
Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows discovery of network details via error messages in affected versions of the software. Recommendations: At the moment, there is no information about a newer version...
CVE-2022-4870
In affected versions of Octopus Deploy it is possible to discover network details via error message...
Octopus Deploy 安全漏洞
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from the ability to discover network details via error messages...
Anonymous LOGOUT logs explanation
ns.log: Dec 31 16:13:57 172.31.248.107 12/31/2022:08:13:57 GMT PHQCXADC01 0-PPE-0 : default SSLVPN Message 263167 0 : "Created nFactor session for user Anonymous" Dec 31 16:13:57 172.31.248.107 12/31/2022:08:13:57 GMT PHQCXADC01 0-PPE-0 : default SSLVPN Message 263174 0 : "AAAD API:...
Lenovo Personal Cloud Storage信息泄露漏洞
Lenovo Personal Cloud Storage is a cloud storage platform from Lenovo, a Chinese company. Lenovo Personal Cloud Storage is vulnerable to information disclosure, which could be exploited by attackers to retrieve device and network details...
Lenovo Personal Cloud Storage 安全漏洞
Lenovo Personal Cloud Storage is a cloud storage platform from Lenovo, a Chinese company. Lenovo Personal Cloud Storage is vulnerable to information disclosure, which could be exploited by attackers to retrieve device and network details...
Backdoor.Win32.Zdemon.126 Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/cedc886b593f013133df39bb6b43a762.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zdemon.126 Vulnerability: Unauthenticated Remote Command Execution Description: Zdemo...