Lucene search
K

28055 matches found

Nuclei
Nuclei
added 2026/02/04 7:0 a.m.9 views

Fanwei e-cology - SQL Injection

Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp, letting unauthenticated attackers execute arbitrary SQL queries and access sensitive data. id: CVE-2025-34038 info: name: Fanwei e-cology - SQL Injection author: ritikchaddha severit...

8.7CVSS8.3AI score0.01837EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/04 6:14 a.m.4 views

EUVD-2026-5391

Improper handling of insufficient permission in Galaxy Wearable installed on non-Samsung Device prior to version 2.2.68 allows local attackers to access sensitive information...

5.1CVSS5.4AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 6:14 a.m.26 views

CVE-2026-20984

Improper handling of insufficient permission in Galaxy Wearable installed on non-Samsung Device prior to version 2.2.68 allows local attackers to access sensitive information...

5.1CVSS0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.3 views

CVE-2025-36253

IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS5.3AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.4 views

F5 BIG-IP Edge Client 信息泄露漏洞

F5 BIG-IP Edge Client is a security remote access client software developed by F5 Corporation in the United States. The F5 BIG-IP Edge Client has a vulnerability related to information leakage, which may allow attackers to access sensitive data...

3.3CVSS5.8AI score0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.4 views

PT-2026-6085

Name of the Vulnerable Software and Affected Versions BIG-IP Edge Client and browser VPN clients on Windows affected versions not specified Description A security issue exists in BIG-IP Edge Client and browser VPN clients on Windows that could allow attackers to access sensitive information...

3.3CVSS5.5AI score0.001EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/04 12:0 a.m.26 views

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

0.0034EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.6 views

OpenClaw 信息泄露漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has an information disclosure vulnerability that stems from the isValidMedia function allowing arbitrary file paths, which can be exploited by an attacker to cause the reading of arbitrary files and the disclosure of...

6.5CVSS6AI score0.00745EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.4 views

PT-2026-5894

Name of the Vulnerable Software and Affected Versions IBM Jazz Reporting Service affected versions not specified Description An authenticated user on the host network may be able to obtain sensitive information about other projects residing on the server. Recommendations At the moment, there is n...

3.5CVSS5.4AI score0.00207EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.23 views

PT-2026-5887

Name of the Vulnerable Software and Affected Versions Chapa Payment Gateway Plugin for WooCommerce versions up to and including 1.0.3 Description The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is susceptible to sensitive information disclosure. An unauthenticated attacker c...

5.3CVSS5.4AI score0.00282EPSS
Exploits0References5
NVD
NVD
added 2026/02/03 11:16 p.m.4 views

CVE-2025-33081

IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS0.00088EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 10:14 p.m.25 views

CVE-2025-33081 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user...

3.3CVSS0.00088EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 10:14 p.m.3 views

CVE-2025-33081 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user...

3.3CVSS5.3AI score0.00088EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 7:11 p.m.9 views

CVE-2026-24427

CVE-2026-24427 affects Shenzhen Tenda AC7 devices with firmware up to V03.03.03.01_cn. The web management responses expose administrative credentials (router/admin passwords) in plaintext within configuration responses, and lack Cache-Control headers, enabling caching and potential exposure if an...

6.8CVSS5.4AI score0.00118EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/02/03 6:16 p.m.5 views

CVE-2020-37115

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access...

7.1CVSS0.00263EPSS
Exploits1References4
OSV
OSV
added 2026/02/03 4:6 p.m.2 views

CVE-2026-24762 RustFS Logs Sensitive Credentials in Plaintext

RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be...

6.9CVSS5.7AI score0.00245EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 3:16 p.m.7 views

CVE-2026-24998

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...

5.3CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 3:16 p.m.9 views

CVE-2026-24992

Insertion of Sensitive Information Into Sent Data vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows Retrieve Embedded Sensitive Data.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a through = 4.1....

5.3CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:8 p.m.8 views

EUVD-2026-5260

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:8 p.m.4 views

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.4AI score0.00192EPSS
Exploits0References2
Rows per page
Query Builder