28041 matches found
PT-2026-22715
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
PT-2026-22820
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
PT-2026-22814
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6: An XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server...
IBM MQ Appliance Cryptographic Issue Vulnerability
IBM MQ Appliance is IBM software that is pre-installed on specialized, secure hardware. Versions of IBM MQ Appliance 9.4 CD 9.4.4.1 and earlier have a security vulnerability due to the use of encryption algorithms that are weaker than expected. This vulnerability may allow attackers to decrypt...
IBM InfoSphere Information Server Log Information Disclosure Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of hub server URLs. By providing a crafted URL, an attacker ca...
CVE-2024-55023
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
PT-2026-22803
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive information in a log file...
IBM Aspera faspio Gateway Cryptographic Issue Vulnerability
IBM Aspera faspio Gateway is a data transfer software developed by IBM Corporation. Version 1.3.6 of IBM Aspera faspio Gateway contains a vulnerability related to encryption. This vulnerability stems from the use of an encryption algorithm that is weaker than expected, which may allow attackers t...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005474)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005474 advisory. A possible memory leak flaw in the Linux kernel cpu_entry_area mapping of x86 CPU data to memory was found in the way a user can guess the location of exception stacks...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the xcoff_link_add_symbols function. An attacker can access sensitive information by convincing a user to process a specially crafted XCOFF object file. Remediation: There is no fixed version for binutils. References -...
BIT-SUPERSET-2026-23969 Apache Superset: Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the...
Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability
Adobe InDesign Desktop is a page layout software from the American company Adobe. A security vulnerability exists in Adobe InDesign Desktop version 21.1, version 20.5.1, and prior versions, which can be exploited by attackers to obtain sensitive information...
WordPress Plugin Simple Ajax Chat Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. A WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...
CVE-2025-58107
In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...
Information Disclosure Vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway
IBM Sterling B2B Integrator is a flexible integration platform that simplifies complex B2B and Electronic Data Interchange (EDI) processes across the partner ecosystem, supports local and hybrid cloud deployments, ensures data security, and provides high availability guarantees. IBM Sterling File...
EUVD-2025-208168
In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...