
28077 matches found

RedhatCVE
added 2026/01/09 12:8 p.m., 10 views

CVE-2018-6550

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

CVSS 5.4, AI score 6, EPSS 0.00734
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 11:35 a.m., 5 views

CVE-2021-41942

The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. Attackers can use vulnerabilities to obtain sensitive information in the database...

CVSS 7.5, AI score 7.7, EPSS 0.01079
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:29 a.m., 11 views

CVE-2021-27457

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access...

CVSS 7.5, AI score 6.8, EPSS 0.00452
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:29 a.m., 7 views

CVE-2021-27839

A CSV injection vulnerability found in Online Invoicing System OIS 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to...

CVSS 5.8, AI score 7.1, EPSS 0.00724
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:29 a.m., 5 views

CVE-2021-27545

SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter...

CVSS 6.5, AI score 7.9, EPSS 0.01964
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 11:25 a.m., 9 views

CVE-2021-28150

Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf with the administrator password and other sensitive data via /backup2.cgi...

CVSS 5.5, AI score 6.9, EPSS 0.02584
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 11:25 a.m., 11 views

CVE-2021-28911

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data e.g. device serial number. Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part...

CVSS 10, AI score 7.1, EPSS 0.016
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:24 a.m., 5 views

CVE-2021-31000

A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information...

CVSS 4.3, AI score 5.3, EPSS 0.00676
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:21 a.m., 3 views

CVE-2021-22516

Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager SAPIM product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file...

CVSS 7.5, AI score 6.5, EPSS 0.00986
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:21 a.m., 8 views

CVE-2021-22798

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive data such as login credentials being exposed when a Network is sniffed. Affected Product: Conext™ ComBox All Versions...

CVSS 7.5, AI score 6.9, EPSS 0.0089
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:19 a.m., 6 views

CVE-2021-22782

Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, and SCADAPack RemoteConnect for x70, all version...

CVSS 5.5, AI score 6.4, EPSS 0.00109
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:19 a.m., 5 views

CVE-2021-22054

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to...

CVSS 7.5, AI score 7.1, EPSS 0.97713
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 11:19 a.m., 6 views

CVE-2021-22300

There is an information leak vulnerability in eCNS280TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods...

CVSS 4.1, AI score 6.5, EPSS 0.00146
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:18 a.m., 6 views

CVE-2021-0958

In update of kmcompat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11...

CVSS 4.4, AI score 7.3, EPSS 0.00107
Exploits: 0, References: 1

CVE
added 2026/01/09 11:15 a.m., 19 views

CVE-2025-13717

CVE-2025-13717 affects Contact Form vCard Generator for WordPress. The vulnerability arises from a missing authorization check in wp_gvc_cf_settings.php (function wp_gvccf_check_download_request) that exists in all versions up to and including 2.4. This enables unauthenticated attackers to export...

CVSS 5.3, AI score 5, EPSS 0.00321
Exploits: 0, References: 5

RedhatCVE
added 2026/01/09 11:15 a.m., 3 views

CVE-2021-0166

Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access...

CVSS 6.7, AI score 7, EPSS 0.00293
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 10:57 a.m., 5 views

CVE-2022-38668

HTTP applications servers based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB...

CVSS 7.5, AI score 6.9, EPSS 0.01111
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 10:57 a.m., 5 views

CVE-2022-38817

Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data...

CVSS 7.5, AI score 6.5, EPSS 0.02941
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 10:53 a.m., 14 views

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

CVSS 7.5, AI score 6.9, EPSS 0.0115
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 10:53 a.m., 13 views

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVSS 7.5, AI score 6.9, EPSS 0.0115
Exploits: 0, References: 1