1982 matches found
CyberPower < v2.8.3 - SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to . id: CVE-2024-32736 info: name: CyberPower PDNU" tags: cve,cve2024,cyberpower,sqli,vkev,vuln http: - method: GET path: - "BaseURL/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqliteversion;--"...
CVE-2026-52101
An issue in andreimarcu linux-server v.1.0 through v.2.3.8 allows a remote attacker to obtain sensitive information via the function uploadRemote function in upload.go...
EUVD-2026-43616
A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...
PT-2026-58558
Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An out-of-bounds read issue exists that allows an unauthorized attacker to disclose information over a network. An out-of-bounds read occurs when the software reads data past t...
Mitel MiCollab - Information Disclosure & Denial of Service
Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access. id: CVE-2022-26143 info: name:...
PT-2026-55623
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper link resolution before file access, also known as link following, allows an unauthorized attacker to disclose information over a network. Recommendations At the...
CVE-2026-20460
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-20460
CVE-2026-20460 affects the Modem via information disclosure caused by improper input validation. The issue could enable remote information disclosure if a UE connects to a rogue base station controlled by an attacker, with no extra execution privileges and without user interaction. The available ...
EUVD-2026-40637
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-14069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via ...
CVE-2026-11595
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system...
PT-2026-53961
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description A remote attacker could obtain sensitive information from the integrated help system of the administrative console. Recommendations At the...
CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...
CVE-2026-37452
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component...
CVE-2026-27868 PUBLICATION OF SENSITIVE INFORMATION ON REGESTA SMART HD-PLC OF TELDAT
An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, NO registration action is required who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a...
EUVD-2026-37191
In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37189
In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37174
In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
EUVD-2026-37175
In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0157
In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...