Lucene search
+L

59 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/03 8:35 p.m.6 views

CVE-2026-58297

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score0.00309EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/15 5:25 p.m.8 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview @angular/service-worker is an Angular - service worker tooling! Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor via the newHeaders function. An attacker can obtain sensitive credentials and session identifiers by...

8.3CVSS5.9AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 7:33 a.m.18 views

EUVD-2026-35368

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization checks, allowing regular authenticated users to access deleted, private, or unapproved content and i...

6.1CVSS5.4AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.12 views

CVE-2025-15623

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations...

9.3CVSS5.5AI score0.00261EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 12:41 p.m.18 views

CVE-2025-13477

The CVE-2025-13477 entry concerns WifiBurada (Digital Operations Services Inc.) with an Authentication Bypass due to Insufficiently Protected Credentials, exposing private data. Affected through 21052026; CVSS 3.1 base score 7.1 (HIGH) with Network attack vector, low complexity, low privileges re...

7.1CVSS5.8AI score0.00224EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/12 5:22 p.m.12 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview org.apache.tomcat:tomcat-websocket is a Tomcat WebSocket JSR356 implementation. Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor in WebSocket client during authentication. An attacker can obtain sensitive HTTP...

7.3CVSS5.8AI score0.00548EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/07 9:16 p.m.9 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor via the Email field in the Comment model exposed through unauthenticated public API endpoints. An attacker can obtain the email addresses of all guest commenters by makin...

6.9CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/07 9:16 p.m.12 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor via the Email field in the Comment model exposed through unauthenticated public API endpoints. An attacker can obtain the email addresses of all guest commenters by makin...

6.9CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.12 views

PT-2026-6373

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized users to retrieve restricted o...

7.5CVSS5.5AI score0.00619EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.10 views

CVE-2019-18987

An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has accidentally or otherwise been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition...

5.3CVSS6.5AI score0.01114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.13 views

CVE-2022-31143

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. It was found that in affected versions there is an exposure of private information defined in setup of...

5.3CVSS6.5AI score0.00711EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.7 views

PT-2025-52224

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub allows Query System for Information.This issue affects SoliClub: from 5.2.4 before 5.3.7...

7.5CVSS6.9AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2025/12/16 4:15 p.m.8 views

CVE-2025-10450

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional Core Libraries allows Sniffing Network Traffic.This issue affects Connext Professional: from 7.4.0 before 7., from 7.2.0 before 7.3.1...

7.5CVSS5.8AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 2:11 p.m.13 views

CVE-2025-11959 Improper Access Control in Premierturk's Excavation Management Information System

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse. This issue affects Excavation...

8.1CVSS0.00271EPSS
Exploits0References2
NVD
NVD
added 2025/10/24 3:15 p.m.7 views

CVE-2025-11145

Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in CBK Soft Software Hardware Electronic Computer Systems Industry and Trade Inc. EnVision allows Account Footprinting. This issue...

7.5CVSS0.00312EPSS
Exploits0References2
NVD
NVD
added 2025/10/16 2:15 p.m.9 views

CVE-2025-53950

An Exposure of Private Personal Information 'Privacy Violation' vulnerability CWE-359 in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and...

6CVSS0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-14832

Malware in sbrugna...

4.3CVSS5AI score0.16289EPSS
Exploits2References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-8641

Malware in sbrugna...

5.3CVSS5.5AI score0.01114EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-58250

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00628EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48044

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00379EPSS
Exploits0References1
Rows per page
Query Builder