Lucene search
K

283 matches found

Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.8 views

PT-2026-5393

Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files...

4.6CVSS5.9AI score0.00235EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

Hiksemi NAS security vulnerabilities

HIKSEMI NAS is a private cloud storage device of China’s HIKSEMI Corporation. There is a security vulnerability in HIKSEMI NAS, which stems from improper handling of file names, potentially leading to the disclosure of sensitive system files...

4.6CVSS5.8AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.8 views

PT-2026-4373

Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...

7.5CVSS5.2AI score0.00296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4034

Name of the Vulnerable Software and Affected Versions Dimitri Grassi Salon booking system versions prior to and including 10.30.3 Description The Salon booking system contains a flaw that allows the retrieval of embedded sensitive data, potentially exposing system information to unauthorized...

5.2AI score0.00355EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.4 views

Yodinfo Mini Mouse path traversal vulnerability

Yodinfo Mini Mouse is a mobile remote control application developed by Yodinfo in China. The version 9.3.0 of Yodinfo Mini Mouse contains a path traversal vulnerability. This vulnerability stems from the use of device information endpoints that allow for path traversal, potentially leading to...

8.7CVSS5.8AI score0.0066EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

Qnap QTS and QuTS hero Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2025-9110)

An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the followin...

7.5CVSS5.4AI score0.00408EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.11 views

Kyocera Command Center RX 路径遍历漏洞

Kyocera Command Center RX is a centralized printer management tool from Kyocera, Japan. The product is primarily used to manage and monitor printers on a local area network LAN. A path traversal vulnerability exists in Kyocera Command Center RX that stems from the presence of directory traversal,...

8.7CVSS7.3AI score0.03534EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.8 views

CVE-2022-35203

An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information...

7.2CVSS6.9AI score0.01963EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.11 views

WordPress plugin Poptics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68494

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from n/a through = 4.11.53...

5.3CVSS6.9AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.3 views

Kentico Xperience Information Disclosure Vulnerability

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...

5.3CVSS5.9AI score0.00223EPSS
Exploits0References1
NVD
NVD
added 2025/12/24 1:16 p.m.4 views

CVE-2025-68576

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through = 1.1.6...

4.3CVSS0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/23 12:30 p.m.6 views

EUVD-2025-204788

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vikas Ratudi VPSUForm allows Retrieve Embedded Sensitive Data.This issue affects VPSUForm: from n/a through 3.2.24...

6.5CVSS6.3AI score0.00223EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/23 6:29 a.m.7 views

CVE-2025-11545

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions...

9.5CVSS7.3AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:15 p.m.5 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3CVSS0.00223EPSS
Exploits0References2
OSV
OSV
added 2025/12/18 8:15 p.m.5 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

4.3CVSS5.6AI score0.00223EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/18 7:53 p.m.4 views

CVE-2019-25230 Kentico Xperience <= 12.0.0 User Widget Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3CVSS5.6AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

Kentico Xperience 安全漏洞

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...

5.3CVSS5.8AI score0.00223EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52296

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3CVSS6AI score0.00223EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.9 views

PT-2025-52176

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...

6.9AI score0.00303EPSS
Exploits0References2
Rows per page
Query Builder