CVE-2026-42517

This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exploit this vulnerability by decoding and manipulating Base64-encoded parameters in the request URL to gain unauthorized access to sensitive...

Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

Microsoft Outlook 信息泄露漏洞

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

CVE-2021-33683

SAP Web Dispatcher and Internet Communication Manager ICM, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83,...

WordPress Plugin FunnelKit Automations Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin FunnelKit Automations,...

CVE-2025-43500

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to access sensitive user data...

EUVD-2025-8963

Malicious code in bioql PyPI...

EUVD-2022-46513

Malicious code in bioql PyPI...

CVE-2025-48001 Windows BitLocker Security Feature Bypass Vulnerability

...

The vulnerability of the IDE Assets component in the Xcode development environment allows a hacker to gain unauthorized access to protected information.

The vulnerability of the IDE Assets component in the Xcode development environment is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

Navigating AWS Migration: Achieving Clarity and Confidence

Migrating workloads to Amazon Web Services AWS represents a significant strategic opportunity, enabling greater agility, scalability, and potential for innovation. But undertaking this transition without a comprehensive strategy for visibility and security can introduce unforeseen risks,...

Navigating AWS Migration: Achieving Clarity and Confidence

Migrating workloads to Amazon Web Services AWS represents a significant strategic opportunity, enabling greater agility, scalability, and potential for innovation. But undertaking this transition without a comprehensive strategy for visibility and security can introduce unforeseen risks,...

CVE-2024-47056 Mautic does not shield .env files from web traffic

SummaryThis advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system...

The vulnerability of the Synology Router Manager operating system, related to insufficient protection of sensitive data, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Synology Router Manager operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

CVE-2025-38575

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...

CVE-2025-24263

The CVE-2025-24263 entry concerns a privacy issue in macOS where sensitive user data could be observed by an unprivileged app. Apple fixed this by moving the data to a protected location, with the issue addressed in macOS Sequoia 15.4. The Apple advisory (Security Content) confirms the impact is ...

AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface

Organizations now use an average of 112 SaaS applications —a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microso...

SANS Institute Warns of Novel Cloud-Native Ransomware Attacks

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. An information disclosure vulnerability exists in SAP Business Objects Business Intelligence Platform, which stems from the application's inadequate...

The vulnerability of the libavutil library, a multimedia library used in FFmpeg, allows attackers to disclose protected information.

The vulnerability of the libavutil library, a multimedia library used in FFmpeg, is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...