Lucene search
K

76 matches found

Circl
Circl
β€’added 2024/01/26 10:32 p.m.β€’4 views

CVE-2024-0946

creationtimestamp| type| source ---|---|--- 2024-01-26 22:32:06+00:00| seen| https://t.me/ctinow/174507 2024-02-19 19:56:53+00:00| seen| https://t.me/ctinow/187890...

9.8CVSS7.8AI score0.00621EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2023/10/25 6:32 p.m.β€’26 views

CVE-2023-41072

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data...

5.7AI score0.00274EPSS
Exploits0References6
OSV
OSV
β€’added 2023/03/30 4:15 p.m.β€’4 views

CVE-2022-30351

PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...

7.5CVSS5.8AI score0.00565EPSS
Exploits0References2
NVD
NVD
β€’added 2023/03/30 4:15 p.m.β€’31 views

CVE-2022-30351

PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...

7.5CVSS7.5AI score0.00565EPSS
Exploits0References2
OSV
OSV
β€’added 2023/03/30 4:15 p.m.β€’4 views

CVE-2022-30350

Avanquest Software RAD PDF PDFEscape Online 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides users with a "white out" functionality for redacting images, text, and other graphics from a PDF document. However, this mechanism does not remove underlying tex...

7.5CVSS5.8AI score0.00725EPSS
Exploits1References2
Prion
Prion
β€’added 2023/03/30 4:15 p.m.β€’15 views

Information disclosure

PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...

5CVSS7.4AI score0.00565EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
β€’added 2023/03/30 12:0 a.m.β€’4 views

PT-2023-13007 Β· PdfzorroΒ +1 Β· PdfzorroΒ +1

Name of the Vulnerable Software and Affected Versions: PDFZorro PDFZorro Online version r20220428 TCPDF version 6.2.5 Description: The issue arises from the improper sanitization of redacted information in PDF files. Despite claims of correctly removing redacted data, the software fails to do so ...

7.5CVSS7.5AI score0.00565EPSS
Exploits0References5
CVE
CVE
β€’added 2023/03/30 12:0 a.m.β€’47 views

CVE-2022-30351

The CVE-2022-30351 issue concerns PDFZorro Online r20220428 (and TCPDF 6.2.5). The root cause is improper sanitization of redacted content, allowing redacted text and embedded images to leak in some cases. When PDF text objects exist, copied redacted data can be pasted from the clipboard, and onc...

7.5CVSS7.4AI score0.00565EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
β€’added 2023/03/30 12:0 a.m.β€’25 views

CVE-2022-30351

PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...

7.6AI score0.00565EPSS
Exploits0References2
OSV
OSV
β€’added 2023/03/23 7:47 p.m.β€’48 views

GHSA-8VG2-WF3Q-MWV7 directus vulnerable to Insertion of Sensitive Information into Log File

Summary CWE-532: Insertion of Sensitive Information into Log File discovered in v9.23.1. The directusrefreshtoken is not redacted properly from the log outputs and can be used to impersonate users without their permission. Details Using v9.23.1, I am seeing that the directusrefreshtoken is not...

4.2CVSS4.8AI score0.00312EPSS
Exploits1References5
Malwarebytes
Malwarebytes
β€’added 2023/03/22 1:0 a.m.β€’67 views

Google Pixel: Cropped or edited images can be recovered

Most of us have a camera on us at all times, and so photo taking and image sharing has become almost ubiquitous. But when sharing an image, you want to have control over what you share. And that might lead you to crop images, or redact parts of them. Maybe you cropped out a person that didn't wan...

5.2AI score0.00499EPSS
Exploits2
Citrix
Citrix
β€’added 2023/03/02 12:0 a.m.β€’8 views

Web log client "login unsuccessful" using nsroot

C:\NSWL\binnswl -start -f c:\nswl\etc\log.conf Debug log file is ./nswl.log-130620221156 & Log level is 1 NetScaler weblogging configuration file c:\nswl\etc\log.conf is correct Login unsuccessful nspe=redacted IP:user=nsroot!!!...

7.1AI score
Exploits0
Code423n4
Code423n4
β€’added 2022/11/28 12:0 a.m.β€’12 views

Potential uint underflow

Lines of code Vulnerability details Impact Potential underflow if shares is greater than totalSupply Proof of Concept Tools Used Manual review Recommended Mitigation Steps Before the following line, check if totalSupply is greater or equal to shares --- The text was updated successfully, but thes...

6.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
β€’added 2022/11/25 12:0 p.m.β€’13 views

Redacted Documents Are Not as Secure as You Think

Popular redaction tools don’t always work as promised, and new attacks can reveal hidden information, researchers say...

1.9AI score
Exploits0
Cvelist
Cvelist
β€’added 2022/10/10 12:0 a.m.β€’53 views

CVE-2022-39292 Exposure of sensitive Slack webhook URLs in debug logs and traces

Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slac...

7.5CVSS7.6AI score0.00663EPSS
Exploits0References2
Github Security Blog
Github Security Blog
β€’added 2022/02/16 12:1 a.m.β€’35 views

Jenkins Support Core Plugin stores sensitive data in plain text

Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. Support Core Plugin 2.79.1 adds a list of keywords whose associated values are redacted...

6.5CVSS6AI score0.00966EPSS
Exploits0References5Affected Software1
Schneier on Security
Schneier on Security
β€’added 2021/08/31 11:37 a.m.β€’32 views

More Military Cryptanalytics, Part III

Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahoss Military Cryptanalytics, Part III. We just got most of the index. Its hard to believe that there are any real secrets left in this 44-year-old volume...

2.6AI score
Exploits0
Hacker One
Hacker One
β€’added 2021/07/09 8:24 p.m.β€’293 views

HackerOne: PII data Leakage through hackerone reports

Summary: I found PII data leakage through the HackerOne report. I found a link in one of the disclosed report that allow me to get the address and phone numbers of security researchers. Here I got the address and phone number of β–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆ Vulnerability Name: PII data Leakage through Steps to...

0.8AI score
Exploits0
UbuntuCve
UbuntuCve
β€’added 2021/03/26 8:15 p.m.β€’25 views

CVE-2021-22184

An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted...

6.2CVSS6.2AI score0.00302EPSS
Exploits0References3
Prion
Prion
β€’added 2021/03/26 8:15 p.m.β€’19 views

Information disclosure

An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted...

2.1CVSS4.8AI score0.00302EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder