Lucene search
K

28055 matches found

Vulnrichment
Vulnrichment
added 2026/01/31 1:23 a.m.4 views

CVE-2025-15510 NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The NEX-Forms – Ultimate Forms Plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the NF5ExportForms class constructor in all versions up to, and including, 9.1.8. This makes it possible for unauthenticated attackers to export form configuration...

5.3CVSS5.4AI score0.00285EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/31 1:23 a.m.5 views

CVE-2025-15510

The NEX-Forms – Ultimate Forms Plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the NF5ExportForms class constructor in all versions up to, and including, 9.1.8. This makes it possible for unauthenticated attackers to export form configuration...

5.3CVSS5.9AI score0.00285EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/31 12:0 a.m.6 views

WordPress plugin NEX-Forms – Ultimate Forms has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.3 views

EulerOS Virtualization 2.10.0 : systemd (EulerOS-SA-2026-1200)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a...

4.7CVSS5.9AI score0.00641EPSS
Exploits1References2
PyPA
PyPA
added 2026/01/30 7:16 p.m.10 views

PYSEC-2026-62

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

8.6CVSS5.8AI score0.00385EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/30 6:31 p.m.6 views

CVE-2024-9432

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...

6.9CVSS5.9AI score0.00091EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/01/30 6:31 p.m.5 views

EUVD-2024-55391

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...

6.9CVSS5.9AI score0.00091EPSS
Exploits0References1
CVE
CVE
added 2026/01/30 1:2 p.m.32 views

CVE-2026-1498

WatchGuard Fireware OS is affected by CVE-2026-1498 via LDAP Injection. A remote unauthenticated attacker can retrieve information from a connected LDAP authentication server through an exposed authentication or management web interface, and may authenticate as an LDAP user if they have that user...

7CVSS5.9AI score0.0068EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/30 9:30 a.m.4 views

Insertion of Sensitive Information into Log File

Overview llama-stack is a Llama Stack Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the pgvector.py component. An attacker can obtain sensitive information by accessing log files that contain uncensored credentials. Remediation Upgrade...

6.8CVSS5.5AI score0.00219EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/30 8:31 a.m.30 views

CVE-2025-1395 Sensitive Data Exposure in CoDeriApp's HeyGarson

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proce...

8.2CVSS0.00299EPSS
Exploits0References2
CVE
CVE
added 2026/01/30 8:31 a.m.16 views

CVE-2025-1395

The CVE-2025-1395 entry describes a vulnerability in Codriapp Innovation and Software Technologies Inc.’s HeyGarson where error messages may expose sensitive information. The issue is triggered by fuzzing for application mapping and affects HeyGarson up to 30012026. The available connected docume...

8.2CVSS5.4AI score0.00299EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/30 8:31 a.m.5 views

EUVD-2025-206579

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...

8.2CVSS5.9AI score0.00299EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/30 8:31 a.m.5 views

CVE-2025-1395 Sensitive Data Exposure in CoDeriApp's HeyGarson

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proce...

8.2CVSS5.4AI score0.00299EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/30 3:24 a.m.17 views

CVE-2025-55704

Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...

6.9CVSS5.9AI score0.00241EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/30 12:0 a.m.2 views

WordPress Plugin WP FullCalendar Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP FullCalendar, which...

7.5CVSS5.5AI score0.00296EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/30 12:0 a.m.3 views

WordPress Plugin Cargus Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Cargus, which originates...

5.3CVSS5.5AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/30 12:0 a.m.2 views

WordPress Plugin Booking Ultra Pro Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Booking Ultra Pro, which...

6.5CVSS5.5AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

OpenText Vertica security vulnerabilities

OpenText Vertica is a relational database management system RDBMS from OpenText Canada. It can efficiently store massive amounts of data. Versions 23.X, 24.X, and 25.X of OpenText Vertica have security vulnerabilities. These vulnerabilities stem from the storage of sensitive information in...

6.9CVSS5.8AI score0.00091EPSS
Exploits0References2
CNVD
CNVD
added 2026/01/30 12:0 a.m.3 views

WordPress Plugin WP Directory Kit Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin WP Directory Kit has an information disclosure vulnerability, the vulnerabilit...

5.3CVSS5.5AI score0.00669EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.13 views

Geopandas security vulnerabilities

Geopandas is an open-source Python tool for processing geospatial data. Versions of geopandas prior to 1.1.2 contained a security vulnerability. This vulnerability stemmed from a flaw in the topostgis function, which could allow attackers to access sensitive information when writing GeoDataFrames...

8.6CVSS5.8AI score0.00385EPSS
Exploits1References2
Rows per page
Query Builder