27957 matches found
PT-2026-50459
Name of the Vulnerable Software and Affected Versions Cisco ISE affected versions not specified Cisco ISE-PIC affected versions not specified Description Improper authorization checks when accessing a resource could allow an unauthenticated, remote attacker to view sensitive information on an...
CVE-2026-54197
Unauthenticated Sensitive Data Exposure in GetGenie = 4.4.1 versions...
CVE-2026-54197 WordPress GetGenie plugin <= 4.4.1 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in GetGenie = 4.4.1 versions...
CVE-2026-54197
The CVE-2026-54197 entry concerns the WordPress GetGenie plugin version <= 4.4.1, where an unauthenticated sensitive data exposure vulnerability is reported. Public documents consistently indicate exposure of sensitive data without authentication, affecting GetGenie
MobileIron Core - Remote Unauthenticated API Access
Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, Since CVE-2023-35082 arises from the same place as CVE-2023-35078, specifically the permissive nature of certain entries in the mifs web application’s security filter chain. id: CVE-2023-35082 info: name: MobileIron Core - Remote...
PT-2026-50119
Runtipi is a personal homeserver orchestrator. In versions 4.9.1 through 4.9.3, Runtipi serves marketplace app logos from files inside cloned app-store repositories through an unauthenticated endpoint, which leads to arbitrary file read through app-store logo symlinks. The path guard checks only...
EUVD-2026-36992
Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...
EUVD-2026-36939
Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...
EUVD-2026-36918
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...
EUVD-2026-36768
An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...
EUVD-2026-36760
An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...
EUVD-2026-36758
RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information...
CVE-2026-52695
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...
CVE-2026-52692
Unauthenticated Sensitive Data Exposure in Affiliates Manager = 2.9.50 versions...
CVE-2026-49066
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...
CVE-2026-48872
Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...
CVE-2026-42384
Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments 1.6.11.2 versions...
CVE-2026-39480
Unauthenticated Sensitive Data Exposure in Backup Migration = 2.1.1 versions...
CVE-2026-34891
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce = 2.2.5 versions...
EUVD-2026-36902
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...