Lucene search
+L

53 matches found

CNNVD
CNNVD
added 2024/07/08 12:0 a.m.8 views

HCL Domino Security Vulnerability

HCL Technologies HCL Domino is an application software from HCL Technologies, Inc. It provides a platform for application development. A security vulnerability exists in HCL Domino, which arises from the presence of sensitive configuration information leakage that can be exploited by remote,...

7.5CVSS6.5AI score0.00475EPSS
Exploits0References4
OSV
OSV
added 2024/06/28 4:15 p.m.4 views

CVE-2024-35137

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413...

6.2CVSS5.8AI score0.00255EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 10:51 a.m.39 views

BIT-CONTOUR-2021-32783 Authorization bypass in Contour

Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...

8.5CVSS8.3AI score0.01151EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2021/10/06 7:46 p.m.4 views

CVE-2021-34702 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of administrator privilege levels for low-value sensitive data. An attacker...

4.3CVSS5.5AI score0.00845EPSS
Exploits0References1
Hacker One
Hacker One
added 2019/08/31 1:46 a.m.20 views

U.S. Dept Of Defense: Local File Disclosure on the ████████ (https://████/) leads to the source code disclosure & DB credentials leak

Description I discovered another LFD on the https://████/ virtual host on the █████ IP POC https://█████/file.ashx?path=web.config will download the website configuration file. It exposes different DB credentials than in previous reports: ███ Similarly, attacker able to get content of any...

Exploits0
CNVD
CNVD
added 2019/03/28 12:0 a.m.5 views

Cisco IOS XE Information Disclosure Vulnerability

Cisco IOS XE is a modular operating system based on the Linux kernel. An information disclosure vulnerability exists in the web UI of Cisco IOS XE, which can be exploited by a remote attacker to access sensitive configuration information by sending a malicious request to an affected device...

7.5CVSS6.2AI score0.02223EPSS
Exploits0References1
PyPA
PyPA
added 2019/03/26 6:29 p.m.8 views

PYSEC-2019-78

A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated...

7.8CVSS6.7AI score0.00386EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/10/04 2:29 p.m.5 views

CVE-2018-1670

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946...

4.3CVSS5.8AI score0.01208EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/02/09 11:0 p.m.50 views

CVE-2018-1000060

Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redactsensitive that can result in sensitive configuration data e.g. passwords may be logged in clear-text. This attack appear to be exploitabl...

9.4AI score0.02404EPSS
Exploits0References5
OSV
OSV
added 2016/07/04 4:59 p.m.5 views

CVE-2016-5849

Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage...

2.5CVSS5.8AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2016/03/24 1:59 a.m.3 views

CVE-2016-1776

Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DSStore and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request...

5.3CVSS5.8AI score0.01813EPSS
Exploits0References4
CNVD
CNVD
added 2015/04/09 12:0 a.m.6 views

McAfee Advanced Threat Defense Information Disclosure Vulnerability (CNVD-2015-02279)

McAfee Advanced Threat Defense provides advanced threat defense that defends against advanced malware, including zero-day persistent threats and advanced persistent threats. A security vulnerability in the McAfee Advanced Threat Defense WEB interface allows a remote, authenticated attacker to...

4CVSS6.4AI score0.00966EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/06/28 10:0 p.m.26 views

CVE-2006-3285

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.251 uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data aka bugs CSCsd15955...

6.4AI score0.02632EPSS
Exploits0References7
Rows per page
Query Builder