Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.7 views

CVE-2020-12051

The CentralAuth extension through REL134 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query=globaluserinfo= request. In other words, the information can be retrieved via the action API even though access would be denied when simply...

7.5CVSS6.6AI score0.01317EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0261

Malware in sbrugna...

7.5CVSS6.4AI score0.01809EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-4367

Malware in sbrugna...

7.5CVSS7.5AI score0.01317EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-7483

Malware in sbrugna...

7.5CVSS7.6AI score0.00437EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-48499

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00783EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:17 a.m.9 views

CVE-2022-45634

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information...

4.3CVSS6.8AI score0.0066EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:5 a.m.8 views

CVE-2019-5498

OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user...

6.5CVSS6.3AI score0.01105EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/05 12:0 a.m.29 views

CVE-2025-45237

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...

0.0038EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/03/22 12:0 a.m.33 views

CVE-2022-45634

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information...

4.9AI score0.0066EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/03/22 12:0 a.m.6 views

CVE-2022-45634

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information...

4.6AI score0.0066EPSS
Exploits2References2
Prion
Prion
added 2022/05/12 10:15 p.m.16 views

Code injection

Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...

4.3CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/01/30 12:0 a.m.7 views

NetApp OnCommand Unified Manager Information Disclosure Vulnerability

Netapp NetApp OnCommand Unified Manager is a suite of ONTAP system management software from the U.S. company NetApp Netapp. The software can simplify data management, monitor the storage system infrastructure and detect failures. An information disclosure vulnerability exists in NetApp OnCommand...

5.5CVSS6.2AI score0.00407EPSS
Exploits0References1
OSV
OSV
added 2019/08/09 6:15 p.m.4 views

CVE-2019-5498

OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user...

6.5CVSS6.5AI score0.01105EPSS
Exploits0References1
Prion
Prion
added 2019/04/29 2:29 p.m.21 views

Code injection

Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server...

5CVSS7.5AI score0.01542EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/04/29 1:49 p.m.29 views

CVE-2019-5492

Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server...

7.5AI score0.01542EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/27 12:0 a.m.4 views

IMM2 Information Disclosure Vulnerability in Multiple IBM Products

IBM Flex System x220 Compute Node and others are different series of server devices from IBM Corporation in the U.S. Integrated Management Module II IMM2 is one of the integrated management modules. A security vulnerability exists in IMM2 in several IBM products. A remote attacker could exploit...

6.5CVSS6.7AI score0.01233EPSS
Exploits0References1
CERT
CERT
added 2017/05/04 12:0 a.m.60 views

Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates

Overview Space Coast Credit Union SCCU Mobile for Android, version 2.1.0.1104 and earlier, and for iOS, version 2.2 and earlier, fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle MITM attacks. Description CWE-295:...

5.9CVSS5.4AI score0.00848EPSS
Exploits0References3
CVE
CVE
added 2016/09/14 10:0 a.m.110 views

CVE-2016-3373

CVE-2016-3373 is a Windows kernel local elevation-of-privilege vulnerability. The Windows Kernel API improperly restricts access to registry information, enabling a locally authenticated attacker to obtain sensitive user account data via a crafted application. Affected products include Windows Vi...

5.5CVSS5.6AI score0.17466EPSS
Exploits1References4Affected Software7
ICS
ICS
added 2015/07/04 6:0 a.m.62 views

Omron Multiple Product Vulnerabilities

OVERVIEW Air Force Institute of Technology researcher Stephen Dunlap has identified vulnerabilities in Omron Corporation’s CX-Programmer software, CJ2M series programmable logic controller PLC, and CJ2H series PLC. Omron Corporation has produced new versions that mitigate these vulnerabilities. O...

10CVSS6.4AI score0.01162EPSS
Exploits1References10
Rows per page
Query Builder