28071 matches found

HackRead
added 2026/01/21 1:40 p.m., 3 views

New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization

Boston, MA, USA, 21st January 2026, CyberNewsWire...

5.4 AI score
Exploits: 0

Patchstack
added 2026/01/21 10:47 a.m., 7 views

WordPress Tabby Checkout plugin <= 5.8.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by benzdeus in WordPress Plugin Tabby Checkout versions <= 5.8.4...

7.5 CVSS | 5.4 AI score | 0.00303 EPSS
Exploits: 0 | Affected Software: 1

NCSC
added 2026/01/21 10:11 a.m., 15 views

Vulnerabilities fixed in Oracle Java

Oracle has fixed vulnerabilities in Oracle Java SE. The vulnerabilities, particularly in the JavaFX component, allow unauthenticated attackers to compromise systems through untrusted code, which can lead to denial-of-service (DoS) attacks and unauthorized access to sensitive data. Exploitation of...

8.8 CVSS | 5.6 AI score | 0.01067 EPSS
Exploits: 4 | References: 1

NCSC
added 2026/01/21 9:27 a.m., 11 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in Oracle PeopleSoft. The vulnerabilities allow unauthenticated attackers to access and modify sensitive data. This can lead to unauthorized access and modifications to critical data, with CVSS scores ranging from 5.4 to 10.0, indicating moderate to significant ri...

10 CVSS | 6.5 AI score | 0.79807 EPSS
Exploits: 15 | References: 1

Patchstack
added 2026/01/21 8:52 a.m., 4 views

WordPress Salon booking system plugin <= 10.30.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Salon booking system versions <= 10.30.3...

6.5 CVSS | 5.4 AI score | 0.00355 EPSS
Exploits: 0 | Affected Software: 1

Veracode
added 2026/01/21 7:53 a.m., 5 views

Improper Access Control

github.com/tencent/weknora is vulnerable to Improper access control. The vulnerability is due to insufficient backend validation on the database query tool after enabling the Agent service, which allows an attacker to use prompt-based bypass techniques to evade query restrictions and extract...

9.8 CVSS | 5.9 AI score | 0.00353 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2026/01/21 12:0 a.m., 6 views

Fleet security vulnerabilities

Fleet is an open-source device management platform that supports various operating systems and devices. It helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. It’s free and flexible. There is a security vulnerability in Fleet, which stems from imprope...

8.7 CVSS | 5.8 AI score | 0.00246 EPSS
Exploits: 0 | References: 3

Redos
added 2026/01/21 12:0 a.m., 5 views

ROS-20260121-73-0024

A vulnerability in the rtsx_usb_ms_drv_remove function of the drivers/memstick/host/rtsx_usb_ms.c component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromis...

7.8 CVSS | 7.6 AI score | 0.00166 EPSS
Exploits: 0

Redos
added 2026/01/21 12:0 a.m., 8 views

ROS-20260121-73-0026

A vulnerability in the drivers/ntb/hw/mscc/ntb_hw_switchtec.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and...

7.1 CVSS | 8 AI score | 0.0018 EPSS
Exploits: 0

RedhatCVE
added 2026/01/20 6:19 p.m., 9 views

CVE-2025-52659

HCL AION version 2 is affected by a Cacheable HTTP Response vulnerability. This may lead to unintended storage of sensitive or dynamic content, potentially resulting in unauthorized access or information disclosure...

7.5 CVSS | 5.4 AI score | 0.00156 EPSS
Exploits: 0 | References: 1

OSV
added 2026/01/20 4:16 p.m., 7 views

CVE-2025-36419

IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system...

5.3 CVSS | 5.7 AI score | 0.0021 EPSS
Exploits: 0 | References: 1

NVD
added 2026/01/20 3:16 p.m., 3 views

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9 CVSS | 0.00287 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2026/01/20 3:1 p.m., 6 views

CVE-2025-1719 Multiple Vulnerabilities in IBM Concert Software

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

5.9 CVSS | 5.8 AI score | 0.00334 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/20 3:1 p.m., 4 views

CVE-2025-1719

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

7.5 CVSS | 5.8 AI score | 0.00334 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2026/01/20 3:1 p.m., 17 views

CVE-2025-1719

IBM Concert Software versions 1.0.0–2.1.0 are affected by CVE-2025-1719 due to improper clearing of heap memory, which could allow a remote attacker to read sensitive information from allocated memory. The issue is documented across multiple sources (NVD/Red Hat/IBM) with IBM explicitly noting a ...

7.5 CVSS | 5.8 AI score | 0.00334 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2026/01/20 2:56 p.m., 3 views

CVE-2025-13925 Multiple vulnerabilities in IBM Aspera Console

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9 CVSS | 5.3 AI score | 0.00287 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/20 2:56 p.m., 3 views

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9 CVSS | 5.3 AI score | 0.00287 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2026/01/20 2:56 p.m., 17 views

CVE-2025-13925 Multiple vulnerabilities in IBM Aspera Console

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9 CVSS | 0.00287 EPSS
Exploits: 0 | References: 1

CVE
added 2026/01/20 2:56 p.m., 20 views

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user. Affected product: IBM Aspera Console 3.4.7. Root cause: log files may contain sensitive data, enabling read access by an unauthorized local user. Remediation: upgrade to I...

4.9 CVSS | 5.3 AI score | 0.00287 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2026/01/20 10:33 a.m., 7 views

WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by benzdeus in WordPress Plugin Contact Form & Lead Form Elementor Builder versions <= 2.0.1...

6.5 CVSS | 5.4 AI score | 0.00355 EPSS
Exploits: 0 | Affected Software: 1