Lucene search
K

28053 matches found

CVE
CVE
added yesterday6 views

CVE-2025-36328

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2025-210377

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-40390

IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read by a local user...

6.2CVSS5.8AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-14209

Technical details (affected product/version, root cause, impact, fixes) are not publicly available in the provided Connected documents. Monitor for updates.

4.3CVSS5.7AI score
Exploits0References2
Cvelist
Cvelist
added yesterday3 views

CVE-2026-14162 Advantech|Hospital Quering Management - Missing Authentication

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14162

Advantech Hospital Queuing Management is listed under CVE-2026-14162 with a Missing Authentication/Unauthenticated access scenario. The description states a Sensitive Data Exposure where unauthenticated remote attackers can access a URL to obtain API documentation. The connected CVE entry confirm...

9.8CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-40287

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added yesterday5 views

CVE-2026-14161 Advantech|Hospital Queuing Management - Sensitive Data Exposure

Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

8.7CVSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-14161

Advantech’s Hospital Queuing Management product is affected by a Sensitive Data Exposure vulnerability. Unauthenticated remote attackers can access a specific URL to obtain API documentation, per the CVE-2026-14161 records from NVD and CVE List. The connected documents confirm the affected produc...

8.7CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-40286

Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

8.7CVSS5.8AI score
Exploits0References2
Nuclei
Nuclei
added yesterday40 views

Easy!Appointments <1.4.3 - Broken Access Control

Easy!Appointments prior to 1.4.3 allows exposure of Private Personal Information to an unauthorized actor via the GitHub repository alextselegidis/easyappointments. id: CVE-2022-0482 info: name: Easy!Appointments 1.4.3 - Broken Access Control author: francescocarlucci,opencirt severity: critical...

9.1CVSS7.3AI score0.38133EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday22 views

Hongdian H8922 3.0.5 - Information Disclosure

Hongdian H8922 3.0.5 is susceptible to information disclosure. An attacker can access cli.conf with the administrator password and other sensitive data via /backup2.cgi and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-28150 info:...

5.5CVSS6.1AI score0.02584EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday19 views

AntD Admin - Sensitive Information Disclosure

AntD Admin has a security vulnerability that stems from Antd-admin 5.5.0 being affected by an incorrect access control vulnerability. Attackers can exploit this vulnerability to gain unauthorized access to some front-end interfaces, resulting in the leakage of sensitive information such as user...

7.5CVSS7.1AI score0.04418EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday16 views

ListingPro < 2.6.1 - Sensitive Data Disclosure

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the /listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email...

5.3CVSS6AI score0.01608EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday23 views

Netgear R6850 - Information Disclosure

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details,...

7.5CVSS5.8AI score0.01923EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday29 views

uDraw <3.3.3 - Local File Inclusion

uDraw before 3.3.3 does not validate the url parameter in its udrawconverturltobase64 AJAX action available to both unauthenticated and authenticated users before using it in the filegetcontents function and returning its content base64 encoded in the response. As a result, unauthenticated users...

7.5CVSS7.2AI score0.07736EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday43 views

Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure

The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the backups-dup-lite/tmp directory or the backups-dup-pro/tmp directory in the Pro version, which temporarily stores files containing sensitive data. When directory listing is...

7.5CVSS7.1AI score0.30894EPSS
Exploits5References4
Nuclei
Nuclei
added yesterday14 views

WordPress Backup Migration <= 1.3.6 - Path Traversal

WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration = 1.3.6 - Pat...

7.5CVSS7.1AI score0.02072EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday363 views

Magento - SQL Injection

An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. id: CVE-2019-7139 info: name: Magento - SQL Injection author: MaStErChO severity: critical description: | An unauthenticated user can execute SQL...

9.8CVSS7.6AI score0.1545EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday36 views

Edito CMS - Sensitive Data Leak

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user. id: CVE-2024-4836 info: name: Edito CMS - Sensitive Data Leak author: s4e-io severity: high description: | Web...

7.5CVSS5.8AI score0.02629EPSS
Exploits0References3
Rows per page
Query Builder