Lucene search
K

28071 matches found

Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-4000

Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data.This issue affects Cookies and Content Security Policy: from n/a through = 2.34...

5.4AI score0.00352EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-4263

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

5.4AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 12:0 a.m.16 views

CVE-2025-56589

The CVE-2025-56589 entry concerns the Apryse HTML2PDF SDK (versions through 11.6.0) with a vulnerability in InsertFromHtmlString() leading to Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). The flaws could allow an attacker to read server-local files or trigger arbitrary HTTP r...

7.5CVSS5.8AI score0.00427EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.4 views

PT-2026-4070

Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...

5.3AI score0.00355EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.4 views

WordPress plugin Booking Ultra Pro 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Booking Ultra Pro, which...

6.5CVSS5.7AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress plugin REHub Framework has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

4.3CVSS5.8AI score0.00314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 12:0 a.m.1 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

5.9AI score0.00881EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.5 views

Microsoft Copilot Studio command injection vulnerability

Microsoft Copilot Studio is an artificial intelligence chatbot developed by Microsoft Corporation. Microsoft Copilot Studio has a command injection vulnerability, which stems from improper neutralization of certain elements. Attackers can exploit this vulnerability to access sensitive information...

7.5CVSS6AI score0.01402EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

WordPress plugin Nexter Blocks has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

4.3CVSS5.8AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-4002

Name of the Vulnerable Software and Affected Versions sizam REHub Framework versions prior to 19.9.9.4 Description A flaw exists in the sizam REHub Framework, specifically in the rehub-framework component, that allows for the retrieval of embedded sensitive data. This results in the exposure of...

5.2AI score0.00314EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.4 views

WordPress plugin Tabby Checkout has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.4 views

PT-2026-3950

Name of the Vulnerable Software and Affected Versions Beam versions 0.1.552 beta9 Description A directory traversal issue exists in Beam beta9 version 0.1.552. This allows a remote attacker to potentially access sensitive information through the joinCleanPath function. Recommendations At the...

6CVSS5.9AI score0.00881EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.10 views

PT-2026-4309

Name of the Vulnerable Software and Affected Versions Azure Data Explorer affected versions not specified Description An issue exists in Azure Data Explorer that allows an unauthorized attacker to disclose sensitive information over a network. The issue involves the exposure of sensitive...

7.4CVSS5.2AI score0.00504EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.5 views

PT-2026-4050

Name of the Vulnerable Software and Affected Versions Deetronix Booking Ultra Pro versions through 1.1.23 Description A flaw exists in Deetronix Booking Ultra Pro that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. The affected...

5.3AI score0.00355EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress plugin “Cookies” and Content Security Policy: security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

5.3CVSS5.8AI score0.00352EPSS
Exploits0References1
Redos
Redos
added 2026/01/22 12:0 a.m.4 views

ROS-20260122-73-0027

Vulnerability in httpd related to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data...

6.5CVSS5.6AI score0.00758EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-4067

Name of the Vulnerable Software and Affected Versions Tabby Checkout versions through 5.8.4 Description A flaw exists in Tabby Checkout that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Tabby Checkout to a version lat...

5.2AI score0.00303EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/21 6:33 p.m.6 views

WordPress B Accordion plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by theviper17 in WordPress Plugin B Accordion versions = 2.0.1...

6.5CVSS5.3AI score0.00276EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.7 views

CVE-2025-1722

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

7.5CVSS5.5AI score0.00334EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.12 views

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9CVSS5.3AI score0.00287EPSS
Exploits0References1
Rows per page
Query Builder