Lucene search
+L

552 matches found

Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58485

Name of the Vulnerable Software and Affected Versions Microsoft Defender for Endpoint on Mac versions prior to 101.26042.0020 Description An issue in Microsoft Defender allows an authorized attacker to locally disclose private personal information to an unauthorized actor. Recommendations Update...

4.7CVSS6.1AI score0.00412EPSS
Exploits1References3
NVD
NVD
added 2026/07/03 9:17 p.m.8 views

CVE-2026-58296

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:35 p.m.9 views

EUVD-2026-41592

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:35 p.m.6 views

CVE-2026-58297

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score0.00309EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/03 8:35 p.m.11 views

EUVD-2026-41593

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score0.00309EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-27771

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...

8.2CVSS7.3AI score0.40738EPSS
Exploits1References5
OSV
OSV
added 2026/07/03 8:19 p.m.2 views

CVE-2026-27771 Gitea Composer package source links use insufficient permission checks

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...

8.2CVSS7.2AI score0.40738EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.18 views

PT-2026-55643

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description An issue in Microsoft Edge for Android allows an unauthorized actor to disclose private personal information over a network. Recommendations At the moment, there is no...

7.1CVSS5.8AI score0.00309EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 4:16 p.m.4 views

UBUNTU-CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

6.5CVSS6.1AI score0.00351EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/26 2:8 a.m.5 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor in the ProxyConfig constructor in lib/internal/http.js, which stores the full proxy URL including any embedded username and password and surfaces it in ERRPROXYTUNNEL err...

7.5CVSS6.8AI score0.00437EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/15 5:25 p.m.8 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview @angular/service-worker is an Angular - service worker tooling! Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor via the newHeaders function. An attacker can obtain sensitive credentials and session identifiers by...

8.3CVSS5.9AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:47 p.m.11 views

EUVD-2025-210121

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 7:33 a.m.18 views

EUVD-2026-35368

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to access deleted, private, or unapproved content and i...

6.1CVSS5.4AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.12 views

CVE-2025-15623

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations...

9.3CVSS5.5AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.14 views

CVE-2026-7382

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor vulnerability in MeWare Software Development Inc. PDKS allows Excavation. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

6.5CVSS5.5AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 12:41 p.m.18 views

CVE-2025-13477

The CVE-2025-13477 entry concerns WifiBurada (Digital Operations Services Inc.) with an Authentication Bypass due to Insufficiently Protected Credentials, exposing private data. Affected through 21052026; CVSS 3.1 base score 7.1 (HIGH) with Network attack vector, low complexity, low privileges re...

7.1CVSS5.8AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.15 views

CVE-2026-28922

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information...

6.5CVSS5.8AI score0.00322EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/12 5:22 p.m.12 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview org.apache.tomcat:tomcat-websocket is a Tomcat WebSocket JSR356 implementation. Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor in WebSocket client during authentication. An attacker can obtain sensitive HTTP...

7.3CVSS5.8AI score0.00548EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 8:7 p.m.8 views

CVE-2026-28922

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information...

5.8AI score0.00322EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39785

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information...

5.8AI score0.00322EPSS
Exploits0References3
Rows per page
Query Builder