Lucene search
K

28054 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.7 views

CVE-2026-23655

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00954EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/10 4:25 p.m.17 views

CVE-2025-27572

CVE-2025-27572 is an information-disclosure vulnerability in some Intel® Trust Domain Extensions (TDX) modules. A privileged, highly capable attacker with local access could trigger data exposure during transient execution in Ring 0 of the hypervisor. The impact is confined to confidentiality (hi...

5.6CVSS5.5AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 4:25 p.m.23 views

CVE-2025-27572

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...

5.6CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 4:16 p.m.10 views

CVE-2025-68686

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypas...

5.9CVSS0.00477EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.5 views

Windows Kernel Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.0057EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/10 3:39 p.m.25 views

CVE-2025-68686

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypas...

5.9CVSS0.00477EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/10 1:23 p.m.6 views

CVE-2025-7708

Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation.This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.8CVSS5.4AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/10 1:23 p.m.6 views

CVE-2025-10464

Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data.This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufactur...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 9:26 a.m.19 views

CVE-2026-2268

The CVE-2026-2268 entry concerns Ninja Forms for WordPress (

7.5CVSS5.7AI score0.00331EPSS
Exploits2References5
NVD
NVD
added 2026/02/10 4:16 a.m.7 views

CVE-2026-24322

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

7.7CVSS0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 4:16 a.m.11 views

CVE-2026-24321

SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be publicly accessible via the front-end. This vulnerability has a low impact on confidentiality and does...

5.3CVSS0.00214EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 4:16 a.m.4 views

CVE-2026-24322

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

7.7CVSS5.7AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 4:16 a.m.9 views

CVE-2026-24321

SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be publicly accessible via the front-end. This vulnerability has a low impact on confidentiality and does...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 4:16 a.m.7 views

CVE-2026-24319

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high...

5.8CVSS0.00094EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 4:16 a.m.4 views

CVE-2026-24319

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high...

5.8CVSS5.8AI score0.00094EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 3:4 a.m.27 views

CVE-2026-24328 Open Redirection vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)

SAP TAFAPPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...

6.1CVSS0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 3:4 a.m.14 views

CVE-2026-24322

CVE-2026-24322 affects the SAP Solution Tools Plug-In (ST-PI). A function module does not perform required authorization checks for authenticated users, enabling disclosure of sensitive information. Impact is confined to confidentiality (high) per the provided metrics (CVSS 3.1: base 7.7, HIGH). ...

7.7CVSS5.4AI score0.00209EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/10 3:3 a.m.30 views

CVE-2026-24321 Information Disclosure vulnerability in SAP Commerce Cloud

SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be publicly accessible via the front-end. This vulnerability has a low impact on confidentiality and does...

5.3CVSS0.00214EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 3:3 a.m.25 views

CVE-2026-24321

CVE-2026-24321 concerns SAP Commerce Cloud, where multiple API endpoints are exposed to unauthenticated users. The issue allows retrieval of information not intended for public access via the front-end. The documented impact is limited to confidentiality (low), with no reported impact to integrit...

5.3CVSS5.5AI score0.00214EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/10 3:3 a.m.27 views

CVE-2026-24319 Information Disclosure Vulnerability in SAP Business One (B1 Client Memory Dump Files)

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high...

5.8CVSS0.00094EPSS
Exploits0References2
Rows per page
Query Builder