CVE-2026-23661
Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-2476
Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...
WordPress Nexter Blocks plugin <= 4.7.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Nexter Blocks versions <= 4.7.0...
CVE-2025-55262
HCL Aftermarket DPC is affected by SQL Injection, which allows an attacker to retrieve sensitive information from the database...
WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Sunshine Photo Cart versions < 3.6.2...
CVE-2025-55262
CVE-2025-55262 affects HCL Aftermarket DPC with a SQL Injection vulnerability that can allow an attacker to retrieve sensitive data from the database. The connected documents confirm the vulnerability and its impact but do not provide specifics on the vulnerable component paths, versions, exploit...
CVE-2025-55262 HCL Aftermarket DPC is affected by SQL Injection
HCL Aftermarket DPC is affected by SQL Injection, which allows an attacker to retrieve sensitive information from the database...
CVE-2025-55274 HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability
HCL Aftermarket DPC is affected by a Cross-Origin Resource Sharing vulnerability. The impact of CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker were to exploit the CORS misconfiguration, they...
CVE-2018-25206
KomSeo Cart 1.3 contains an SQL injection in edit.php via the my_item_search parameter. Attackers can submit POST payloads to perform boolean-based blind or error-based injections to extract sensitive database information. The vulnerability has high impact on confidentiality (C) and low impact on...
CVE-2018-25206 KomSeo Cart 1.3 SQL Injection via edit.php
KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_item_search' parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based blind or error-based...
Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org)
Source: google-open-source-security (b6cab1dae06f51e2aaa57704d8374b6882440070d0796e7b719a85e6f803888b). This extension is a compromised version of the official Trivy VSCode extension available on the Microsoft Marketplace. Versions 1.8.11 and...
EUVD-2025-209040
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2026-29976
Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield function...
Canva Affinity Out-of-Bounds Read Vulnerability (CNVD-2026-15856)
Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to perform an out-of-bounds read using a specially crafted EMF file to disclose sensitiv...
Canva Affinity Out-of-Bounds Read Vulnerability (CNVD-2026-15853)
Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to perform an out-of-bounds read using a specially crafted EMF file to disclose sensitiv...
Canva Affinity Out-of-Bounds Read Vulnerability (CNVD-2026-15847)
Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to perform an out-of-bounds read using a specially crafted EMF file to disclose sensitiv...
PT-2026-28393
Name of the Vulnerable Software and Affected Versions: ZerBea hcxpcapngtool version 7.0.1-43-g2ee308e
Description: A buffer overflow condition exists in ZerBea hcxpcapngtool. A local attacker can potentially obtain sensitive information by exploiting the getradiotapfield function.
Recommendations: A...
Canva Affinity Out-of-Bounds Read Vulnerability (CNVD-2026-15845)
Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to perform an out-of-bounds read using a specially crafted EMF file to disclose sensitiv...