Lucene search
K

28054 matches found

CVE
CVE
added 2026/02/10 3:3 a.m.12 views

CVE-2026-24319

In SAP Business One, sensitive information is written to memory dump files without obfuscation, exposing confidential and integrity-related data. This CVE (CVE-2026-24319) is a local-attack with high privileges required and user interaction, affecting confidentiality and integrity (no availabilit...

5.8CVSS5.5AI score0.00094EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2026/02/10 12:0 a.m.2 views

OpenClaw Information Disclosure Vulnerability

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has an information disclosure vulnerability that stems from the isValidMedia function allowing arbitrary file paths, which can be exploited by an attacker to cause the reading of arbitrary files and the disclosure of...

6.5CVSS5.8AI score0.00745EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

SAP Commerce Cloud 安全漏洞

SAP Commerce Cloud is a cloud-based e-commerce platform developed by SAP, a German company. This platform supports sales management, marketing management, order management, and operations management. There is a security vulnerability in SAP Commerce Cloud, which stems from exposing multiple API...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References3
CNVD
CNVD
added 2026/02/10 12:0 a.m.3 views

Apache Syncope Code Issue Vulnerability

Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope there is a code problem vulnerability , the vulnerability...

4.9CVSS6.1AI score0.00827EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7218

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high...

5.8CVSS5.5AI score0.00094EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.22 views

PT-2026-7221

Name of the Vulnerable Software and Affected Versions SAP Solution Tools Plug-In affected versions not specified Description The SAP Solution Tools Plug-In ST-PI includes a function module lacking proper authorization checks for authenticated users, potentially leading to the disclosure of...

7.7CVSS5.4AI score0.00209EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7414

Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker may be able to disclose sensitive information over a network due to the cleartext storage of that information within Azure Compute Gallery. Approximately...

6.5CVSS5.2AI score0.00954EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.4 views

PT-2026-7362

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS5.5AI score0.01425EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

Microsoft Outlook 信息泄露漏洞

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

7.5CVSS5.8AI score0.01425EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.10 views

Microsoft Excel 缓冲区错误漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...

5.5CVSS6AI score0.00596EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

SAP Business One 安全漏洞

SAP Business One is a business management software developed by the German company SAP. This software includes functions such as financial management, operational management, and human resource management. There is a security vulnerability in SAP Business One, which stems from sensitive informati...

5.8CVSS5.8AI score0.00094EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/09 11:42 p.m.7 views

WordPress PopupKit plugin <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data Deletion vulnerability

Missing Authorization to Sensitive Information Disclosure and Data Deletion vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin PopupKit versions = 2.2.0...

5.4CVSS5.5AI score0.00282EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/02/09 10:16 p.m.15 views

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS0.00256EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/09 9:29 p.m.5 views

CVE-2026-25918

unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via...

5.9CVSS5.6AI score0.00132EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/02/09 9:29 p.m.12 views

CVE-2026-25918

The CVE concerns the unity-cli tool (specifically the sign-package command in the package @rage-against-the-pixel/unity-cli). Before version 1.8.2, when invoked with --verbose, the command logs sensitive credentials in plaintext by serializing CLI arguments (including --email and --password) with...

5.9CVSS5.6AI score0.00132EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/09 9:4 p.m.4 views

CVE-2026-25813 PlaciPy Exposes Sensitive Data via Application Logs

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS5.5AI score0.00256EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/09 9:4 p.m.5 views

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS5.5AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 9:4 p.m.27 views

CVE-2026-25813 PlaciPy Exposes Sensitive Data via Application Logs

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS0.00256EPSS
Exploits0References1
CVE
CVE
added 2026/02/09 9:4 p.m.13 views

CVE-2026-25813

PlaciPy (educational placement system) – Affects version 1.0.0, where sensitive data is logged to console output unmasked. Root cause: logging of highly sensitive data without redaction. Impact: potential exposure of confidential information via console/log streams, with CVSS 4.0/AV:N/AC:L/PR:N/U...

8.7CVSS5.5AI score0.00256EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/09 9:4 p.m.6 views

CVE-2026-25813 PlaciPy Exposes Sensitive Data via Application Logs

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction...

8.7CVSS5.5AI score0.00256EPSS
Exploits0References3
Rows per page
Query Builder