Lucene search
K

28055 matches found

CNNVD
CNNVD
added 2026/02/05 12:0 a.m.6 views

IBM webMethods Integration 安全漏洞

IBM webMethods Integration is a hybrid enterprise iPaaS offered by International Business Machines IBM. There are security vulnerabilities in the versions of IBM webMethods Integration 10.15 up to IS10.15CoreFix2411.1 and IS11.1CoreFix8. These vulnerabilities stem from the possibility of sensitiv...

6.5CVSS5.8AI score0.00323EPSS
Exploits0References1
Redos
Redos
added 2026/02/05 12:0 a.m.4 views

ROS-20260205-73-0001

A vulnerability in the net/can/bcm.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...

7.1CVSS7.2AI score0.00204EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.8 views

PT-2026-6802

Name of the Vulnerable Software and Affected Versions Sliver versions prior to 1.6.11 Description Sliver is a command and control framework that utilizes a custom Wireguard netstack. A path traversal issue exists in the website content subsystem, allowing an authenticated operator to read arbitra...

9.9CVSS5.8AI score0.27661EPSS
Exploits45References116
OSV
OSV
added 2026/02/04 9:15 p.m.5 views

CVE-2023-38010

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system...

7.5CVSS5.8AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 8:24 p.m.11 views

CVE-2023-38010

Technical details about CVE-2023-38010 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

7.5CVSS5.2AI score0.00292EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/02/04 7:55 p.m.3 views

CVE-2026-25475 OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction

OpenClaw is a personal AI assistant. Prior to version 2026.1.30, the isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/fil...

6.5CVSS5.5AI score0.00745EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.6 views

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.5 views

CVE-2026-24998

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...

5.3CVSS5.4AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.5 views

CVE-2026-24992

Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through = 4.1....

5.3CVSS5.3AI score0.00197EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/04 7:2 p.m.7 views

OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction

Summary The isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/file, exfiltrating sensitive data to the user/channel. Detai...

6.5CVSS5.6AI score0.00745EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/02/04 3:16 p.m.9 views

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

8.1CVSS0.0034EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/04 3:2 p.m.4 views

EUVD-2026-5430

A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

3.3CVSS5.4AI score0.001EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/04 12:31 p.m.3 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the obfuscateliterals option in query logging. An attacker can access sensitive information by reading unredacted error data in the query logs when queries fail. Notes: This is only...

5.5CVSS5.6AI score0.00144EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 11:16 a.m.4 views

CVE-2026-24735

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...

7.5CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2026/02/04 9:15 a.m.7 views

CVE-2025-15482

The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via 'chapaproceed' WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including t...

5.3CVSS0.00282EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/04 8:25 a.m.27 views

CVE-2025-15482 Chapa Payment Gateway Plugin for WooCommerce <= 1.0.3 - Unauthenticated Sensitive Information Exposure

The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via 'chapaproceed' WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including t...

5.3CVSS0.00282EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/04 8:25 a.m.3 views

CVE-2025-15482 Chapa Payment Gateway Plugin for WooCommerce <= 1.0.3 - Unauthenticated Sensitive Information Exposure

The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via 'chapaproceed' WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including t...

5.3CVSS5.3AI score0.00282EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/04 8:25 a.m.4 views

EUVD-2025-206796

The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 via 'chapaproceed' WooCommerce API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including t...

5.3CVSS5.3AI score0.00282EPSS
Exploits0References2
CVE
CVE
added 2026/02/04 8:25 a.m.17 views

CVE-2025-15482

CVE-2025-15482 affects the WordPress plugin Chapa Payment Gateway for WooCommerce . Multiple sources confirm a vulnerability in all versions up to and including 1.0.3 where the 'chapa_proceed' WooCommerce API endpoint exposes sensitive information, enabling unauthenticated attackers to retrieve d...

5.3CVSS5.3AI score0.00282EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Atarim < 4.2.2 - Sensitive Information Exposure

Vito Peleg Atarim = 4.2 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve embedded sensitive data remotely, exploit requires no special privileges. id: CVE-2025-60188 info: name: Atarim...

7.5CVSS5.2AI score0.01226EPSS
Exploits1References1
Rows per page
Query Builder