PT-2026-6525

Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability in github.com/apache/answer. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...

CVE-2022-0482

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3...

EUVD-2021-23316

Malware in sbrugna...

EUVD-2022-1664

Malicious code in bioql PyPI...

EUVD-2025-24290

Malicious code in bioql PyPI...

PT-2025-32849 · Microsoft · Azure Stack

Name of the Vulnerable Software and Affected Versions: Azure Stack affected versions not specified Description: An authorized attacker can disclose private personal information locally in Azure Stack. This allows exposure of this information to an unauthorized actor. Recommendations: At the momen...

Exposure of Private Personal Information to an Unauthorized Actor

Overview universal-omega/dynamic-page-list3 is a The DynamicPageList3 extension allows creating lists of other articles based on their category, namespace, title, references or template usage and include contents or arguments of template calls of those articles into your page. Affected versions o...

CVE-2025-20615

CVE-2025-20615 affects the Qardio Arm iOS app. The vulnerability arises from exposing usernames and passwords in a plist file, enabling an attacker to log in to production-level development accounts and trigger an engineering backdoor that accepts hex-based commands over a UI-based terminal. Impa...

CVE-2022-2921

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update...

CVE-2024-8891

CVE-2024-8891 applies to CIRCUTOR Q-SMT, firmware 1.0.4. The vulnerability allows an attacker with no knowledge of current users to enumerate potential users by observing server responses, revealing whether a user exists. This is a user enumeration/ private information exposure issue affecting th...

CVE-2024-37136

Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information exposure...

Siemens SIMATIC WinCC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

SUSE SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:2578-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2578-1 advisory. - All versions of package trim are vulnerable to Regular Expression Denial of Service ReDoS via trim. CVE-2020-7753 -...

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2703 Information Disclosure in Finex Media's Competition Management System

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users. This issue affects Competition Management System: before 23.07...

PT-2023-20907

Name of the Vulnerable Software and Affected Versions Finex Media Competition Management System versions prior to 23.07 Description The issue allows exposure of private personal information to an unauthorized actor, enabling the retrieval of embedded sensitive data and collection of data as...

CVE-2023-27510

JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry...

RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.3] (RHSA-2022:8502)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8502 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to...

GHSA-74FJ-2J2H-C42Q Exposure of sensitive information in follow-redirects

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

Juniper Junos OS Multiple Vulnerabilities (JSA11289)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA11289 advisory. - curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the HTTP Refere...