Lucene search
K

768 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the Content Security Policy blocks frame navigation, the full destination of a redirect served within the frame is reported in the violation report; instead of just the original frame URI. This could be used to disclose sensitive information contained in such URIs. This vulnerability affects...

4.3CVSS6.4AI score0.01212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.15 views

CVE-2026-50508

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS5.4AI score0.00662EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 12:20 a.m.13 views

EUVD-2026-35280

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...

3.7CVSS5.5AI score0.00188EPSS
Exploits0References2
NVD
NVD
added 2026/05/18 4:16 p.m.16 views

CVE-2026-20685

An attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved validation. This issue is fixed in PCC Release 5E290.3...

6.5CVSS0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 11:3 p.m.6 views

CVE-2025-14808

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

3.1CVSS5.8AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/03 7:53 p.m.8 views

CVE-2025-13616 DataStage on Cloud Pak for Data is vulnerable to sensitive information leak due to HTTP response

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used in further attacks against the system...

6.5CVSS5.9AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 7:53 p.m.11 views

CVE-2025-13616

Vulnerability: IBM DataStage on Cloud Pak for Data (DataStage on Cloud Pak for Data) versions 5.1.2–5.3.0 expose sensitive information in an HTTP response, enabling information disclosure. Root cause: HTTP response leakage of sensitive system information. Impact: confidentiality impact H with no ...

7.5CVSS5.9AI score0.00226EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.13 views

PT-2026-7654

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter...

5.5AI score0.00553EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.15 views

CVE-2023-43503

A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...

7.5CVSS6.4AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.11 views

CVE-2020-24577

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body...

7.5CVSS7.2AI score0.19061EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.9 views

CVE-2024-41157

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free...

8.8CVSS6.3AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.19 views

CVE-2019-12741

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...

6.1CVSS5.7AI score0.01268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.8 views

CVE-2025-1348

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...

4CVSS6.2AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.25 views

CVE-2025-1495

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation...

4.3CVSS6.2AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/12/26 12:0 a.m.8 views

CVE-2024-29720

CVE-2024-29720 concerns Sciter v4.4.7.0 from Terra Informatica Software. The vulnerability stems from the adopt component of Sciter's video rendering function, allowing a local attacker to obtain sensitive information. Affected product: Sciter 4.4.7.0; root cause: flaw in adopt path of video rend...

6.2CVSS6AI score0.00169EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploit
added 2025/12/17 3:49 a.m.200 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Android

An improved poc of...

6.5CVSS7AI score0.12388EPSS
Exploits12
EUVD
EUVD
added 2025/12/15 6:30 p.m.6 views

EUVD-2025-203402

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

5.8AI score0.00104EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/12/11 7:50 p.m.6 views

uri: URI module: Credential exposure via URI + operator

A flaw was found in the URI module. A remote attacker could exploit this vulnerability by using the + operator to combine Uniform Resource Identifiers URIs. This bypasses a previous fix and can lead to the leakage of sensitive information, such as user credentials passwords, from the original URI...

7.5CVSS5.8AI score0.0051EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/11/03 4:2 a.m.6 views

CVE-2025-12616 PHPGurukul News Portal settings.py insertion of sensitive information into debugging code

A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing a manipulation results in insertion of sensitive information into debugging code. It is possible to initiate the attack remotely. The attack's complexi...

6.3CVSS4.3AI score0.00534EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1350

Malware in sbrugna...

2.1CVSS6AI score0.00414EPSS
Exploits0References42
Rows per page
Query Builder