28055 matches found
PT-2026-5385
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted early about this disclosure but did not...
PT-2026-5432
Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...
WordPress Plugin Contact Form 7 GetResponse Extension Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Contact Form 7 GetRespon...
Codriapp HeyGarson security vulnerability
Codriapp HeyGarson is a digital ordering and management platform developed by Codriapp. Versions of Codriapp HeyGarson dated before January 30, 2026, have security vulnerabilities. These vulnerabilities stem from error messages containing sensitive information, which may lead to application mappi...
CVE-2025-15548
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...
CVE-2025-15548
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...
CVE-2025-15548 Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...
CVE-2025-15548
CVE-2025-15548 affects TP-Link VX800v v1.0, where the web interface endpoints transmit sensitive data over unencrypted HTTP due to missing application-layer encryption. This permits a network-adjacent attacker to intercept traffic and compromise confidentiality. Affected product/version: VX800v v...
CVE-2026-0936
An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the copyFile function, which fails to validate the dest parameter. An attacker can write files to arbitrary locations on the filesystem by supplying crafted paths, potentially leading to execution of malicious co...
CVE-2020-37015
The Ruijie Networks Switch eWeb S29RGOS version 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve...
CVE-2026-23564 Transmission of Unencrypted Data in Content Distribution Service
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...
CVE-2026-23564
A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
PT-2026-5246
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
PT-2026-5323
Name of the Vulnerable Software and Affected Versions VX800v version 1.0 Description The web interface of VX800v version 1.0 transmits sensitive information over unencrypted HTTP due to missing application layer encryption. This allows a network-adjacent attacker to intercept the traffic and...
HCL AION Information Disclosure Vulnerability (CNVD-2026-16405)
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from an information disclosure vulnerability, which is due to cachable HTTP responses leading to accidental storage of sensitive or dynamic content. An attacker can exploit the vulnerability to gain access to sensiti...
ROS-20260129-73-0004
A vulnerability in the Samba networking software package is related to authorization errors. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
CVE-2025-57796 Use of a hardcoded static key to protect sensitive data in Explorance Blue
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...