EUVD-2025-208129

Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...

WSO2 Management Console - Authentication Bypass

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known...

SAP NetWeaver AS Java Sensitive Information Vulnerability (January 2026)

The version of SAP NetWeaver Application Server for Java detected on the remote host is affected by an Sensitive Information vulnerability as disclosed in the SAP Security Patch Day January 2026: - The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an...

CVE-2026-0510

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

CVE-2025-5605 Authentication Bypass via URI Manipulation in Multiple WSO2 Products' Management Console Leading to Partial Information Disclosure

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known...

Intel Processors 安全漏洞

Intel Processors is an American Intel company that provides the ability to interpret computer instructions and process data in computer software. A security vulnerability exists in Intel Processors that stems from a hardware logic containing a race condition. The vulnerability could allow an...

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

CVE-2024-25616

Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKEAUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attacke...

CVE-2023-24598

OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user...

CVE-2023-24598

OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user...

Mars: ' Full Account Takeover ' at █████

A severe vulnerability was identified in the login functionality of a website belonging to Mars. An unauthorized actor could manipulate the server's response from the ██████████ endpoint to gain unauthorized access to any user account on the platform, leading to a full account takeover...

Stripo Inc: Non-revoked API Key Information disclosure via Stripo_report()

Talking about 983331 reports where a security researcher reported secret API key leakage vulnerability in a JavaScript file at Stripo. This report is disclosed on HackerOne, and the team at Stripo have forgotten to blur the API keys from the report before disclosing it to the public. The API keys...

util-linux 安全漏洞

util-linux is an open source package. util-linux suffers from a security vulnerability that stems from the partial disclosure of arbitrary files in CHFN and CHSH when Util-linux is compiled with libreadline. No detailed vulnerability details are available...

Partial disclosure: Was it a cat I saw?

Quite often in our industry, two or five people can look at the same problem from different angles, and see radically different things. Rare is the situation that reads the same to everyone, forwards and backwards. It’s all about perspective. In my appearance on the ‘Partial Disclosure Dilemma’...

No consensus yet on partial disclosure

Five of the brighter minds in the security industry spent two hours Thursday afternoon arguing, needling each other and generally disagreeing about everything under the sun and at the end of it all settled absolutely nothing on the topic of partial disclosure. The panel was meant to generate some...