CVE-2021-40049

There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization...

ROS-20220112-04

A vulnerability in the Django web application framework is related to excessive data output by the application during the processing error conditions. Exploitation of the vulnerability could allow an attacker acting remotely, to obtain sensitive system information. Django web application framewor...

CVE-2021-43065

A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...

CVE-2021-43065

A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...

CVE-2021-28557 Adobe Acrobat Reader out-of-bounds read in PDFLibTool could lead to information exposure

Acrobat Reader DC versions versions 2021.001.20150 and earlier, 2020.001.30020 and earlier and 2017.011.30194 and earlier are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of the...

DEBIAN-CVE-2021-27019

PuppetDB logging included potentially sensitive system information...

CVE-2021-32067

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform that includes community, email and chat room features. The platform includes community, email, and chat room features.Discourse suffers from an information disclosure vulnerability that stems from not adding a valid configuration to the...

mySCADA myPRO 访问控制错误漏洞

mySCADA myPRO is a software application. myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An access control error vulnerability exists in mySCADA myPRO where the affected product allows unauthenticated access to sensitive syste...

Juniper Networks Junos OS 信息泄露漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. The Junos OS is vulnerable to an information disclosure vulnerability that arises from the exposure of a...

CVE-2021-35336

Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an unauthenticated user to access a sensitive part of the system with a high privileged account...

CVE-2021-0231

A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...

Path traversal

A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...

Arbitrary File Download Vulnerability in SeaCMS

SeaCMS Ocean CMS, Ocean Video Management System is a video-on-demand system designed for webmasters with different needs. SeaCMS has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive system information...

Unauthorized Access Vulnerability in Helpline CRM Customer Management System

CRM is a key product of Hubei DianDianDian Information Technology Co., Ltd. focusing on providing collaborative management software, office management solutions and cloud services for small and medium-sized enterprises, and is committed to creating high-quality, low-priced enterprise office...

Information Leakage Vulnerability in VNet Web Management System of Zhonghai Da

Guangzhou Zhonghaida Satellite Navigation Technology Co., Ltd stock code: 300177 is the first and so far the only listed company in the field of domestic surveying, mapping and geographic information technology equipment. An information leakage vulnerability exists in ZHIDA's VNet web management...

GE Healthcare Imaging and Ultrasound Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Healthcare Equipment: GE Imaging and Ultrasound Products Vulnerabilities: Unprotected Transport of Credentials, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK...

CVE-2020-26818

SAP NetWeaver AS ABAP Web Dynpro, versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information that would otherwise be restricted to highly privileged users because of missing authorization,...

CVE-2019-11857 ALEOS AceManager Information Disclosure

Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information...

Super Backup 2.0.5 for iOS - Directory Traversal Vulnerability

Exploit for iOS platform in category web applications Title: Super Backup 2.0.5 for iOS - Directory Traversal Software: https://apps.apple.com/us/app/super-backup-export-import/id1052684097 CVE: N/A Document Title: =============== Super Backup v2.0.5 iOS - Directory Traversal Vulnerability Produc...