Lucene search
K

28053 matches found

Vulnrichment
Vulnrichment
added 2026/02/11 10:58 p.m.3 views

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data...

5.5AI score0.00142EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.23 views

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data...

0.00142EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.4 views

CVE-2026-20647

This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data...

5.5CVSS5.4AI score0.00137EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/11 8:56 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the /api/users endpoint. An attacker can access sensitive information by sending a specially crafted request. Remediation There is no fixed version for...

8.8CVSS5.6AI score0.00386EPSS
Exploits1References2
OSV
OSV
added 2026/02/11 8:16 p.m.4 views

CVE-2024-26480

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter...

7.5CVSS5.9AI score0.00553EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.4 views

CVE-2026-21222

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.0057EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.5 views

CVE-2026-21314

Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must...

5.5CVSS5.4AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.5 views

CVE-2026-23655

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00954EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 6:16 p.m.5 views

CVE-2025-70084

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtilGetFileInfo function...

7.5CVSS5.7AI score
Exploits0References4
NVD
NVD
added 2026/02/11 3:16 p.m.8 views

CVE-2025-12059

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9...

9.8CVSS0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:16 p.m.4 views

CVE-2026-2249

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
CVE
CVE
added 2026/02/11 1:58 p.m.9 views

CVE-2025-12059

CVE-2025-12059 concerns Logo j-Platform by Logo Software Industry and Trade Inc. The issue is a vulnerability in which insertion of sensitive information into externally-accessible files or directories is possible due to incorrectly configured access control security levels. Affected software: Lo...

9.8CVSS5.8AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 1:58 p.m.3 views

CVE-2025-12059

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9...

9.8CVSS5.8AI score0.00307EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/11 1:58 p.m.29 views

CVE-2025-12059 Improper Access Control in Logo Software's Logo j-Platform

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9...

9.8CVSS0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 1:58 p.m.6 views

CVE-2025-12059 Improper Access Control in Logo Software's Logo j-Platform

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9...

9.8CVSS5.8AI score0.00307EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 1:25 p.m.10 views

CVE-2026-0910

wpForo Forum plugin for WordPress (versions up to 2.4.13) is vulnerable to PHP Object Injection via deserialization in wpforo_display_array_data. Exploitation requires an authenticated user with Subscriber-level access or higher. A POP chain must be present in another plugin or theme for practica...

8.8CVSS6.2AI score0.00502EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 1:15 p.m.4 views

CVE-2025-57713

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later...

7.5CVSS5.8AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:17 p.m.2 views

CVE-2025-57713 File Station 5

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later...

5.3CVSS5.5AI score0.00512EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:17 p.m.14 views

CVE-2025-57713

CVE-2025-57713 concerns QNAP File Station 5. The weakness is a weak authentication mechanism that could allow remote attackers to obtain sensitive information. Disclosed across multiple sources, with a fix released in File Station 5 5.5.6.5166 and later; affected versions prior to this may be vul...

7.5CVSS5.5AI score0.00512EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/02/11 12:16 p.m.6 views

CVE-2025-10174

Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding. This issue affects PanCafe Pro: from 3.3.2 through 23092025...

8.3CVSS0.00124EPSS
Exploits0References2
Rows per page
Query Builder