28073 matches found
CVE-2025-59355
A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext...
Rockwell Automation Verve Asset Manager
RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to access sensitive information stored in variables within the ADI server. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2025-14798
The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the getitempermissionscheck function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and las...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
Files or Directories Accessible to External Parties
Overview mineadmin/mineadmin is a Quickly build a background management system for web applications Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the Swagger component. An attacker can access sensitive information by sending crafted...
MineAdmin May Expose Sensitive Information to an Unauthorized Actor
A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was...
IBM Aspera Console 日志信息泄露漏洞
IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. IBM Aspera Console suffers from a log information disclosure vulnerability that originates from the storage of...
CVE-2025-66902
An input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocketserver/websocketserver.py, WebSocketServer.messagereceived components...
PT-2026-3534
The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the get item permissions check function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and...
PT-2026-3583
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...
MiracleLinux 9 : linux-firmware-20230310-134.el9.ML.1 (AXSA:2023-6270:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6270:05 advisory. This package includes firmware files required for some devices to operate. CVE-2023-20593 An issue in Zen 2 CPUs, under specific microarchitectural...
IBM Concert 安全漏洞
IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2025-66902
An input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocketserver/websocketserver.py, WebSocketServer.messagereceived components...
IBM Concert 安全漏洞
IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
PT-2026-3580
Name of the Vulnerable Software and Affected Versions IBM Aspera Console version 3.4.7 Description The software stores potentially sensitive information in log files. A local privileged user could read this information. Recommendations Ensure appropriate access controls are in place for log files...
Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
ROS-20260120-7358
A vulnerability in the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...
MiracleLinux 8 : cloud-init-23.1.1-10.el8.ML.1 (AXSA:2023-7278:09)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7278:09 advisory. cloud-init: sensitive data could be exposed in logs CVE-2023-1786 Tenable has extracted the preceding description block directly from the MiracleLinux securi...