CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/04/15 7:22 p.m.•1 views

CVE-2026-20928

Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack...

4.6CVSS6.3AI score0.00171EPSS

Exploits0References1

Tenable Nessus•added 2025/10/27 12:0 a.m.•1 views

Siemens SIMATIC Devices Improper Removal of Sensitive Information Before Storage or Transfer (CVE-2024-26816)

x86, relocs: relocations in .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the startupxen entry point. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5.5CVSS6.8AI score0.00023EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-53085

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00386EPSS

Exploits0References3

CVE•added 2025/09/06 6:29 p.m.•20 views

CVE-2025-0011

CVE-2025-0011 concerns AMD Crash Defender. The issue is improper removal of sensitive information before storage or transfer, potentially revealing kernel address information and harming confidentiality. The CVE is rated CVSS v3.1 with a base score of 3.3 (LOW); attack vector LOCAL, required priv...

3.3CVSS5.9AI score0.00122EPSS

Exploits1References1

Hacker One•added 2025/06/27 9:16 p.m.•6 views

Bykea: Critical Information Disclosure via /talos/api/v1/files/upload

A vulnerability was discovered in the file upload functionality, where uploaded files were first stored on the server before being sent to S3. Due to a configuration flaw, memory chunks from the server were included in some uploaded files. This issue was classified as critical and was addressed a...

6.9AI score

Exploits0

ATTACKERKB•added 2022/08/15 11:21 a.m.•2 views

CVE-2022-2818

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2...

9.8CVSS7.2AI score0.015EPSS

Exploits1References3

OSV•added 2022/07/15 8:44 p.m.•0 views

GHSA-C28R-HW5M-5GV3 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

Overview A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java v1. Applications using the SDK control the destinationDirectory argument, but S3 object keys are determined by the application that uploaded the...

7.9CVSS6.7AI score0.00052EPSS

Exploits1References4

Positive Technologies•added 2022/06/09 12:0 a.m.•1 views

PT-2022-20877 · Owncloud · Owncloud

Name of the Vulnerable Software and Affected Versions: ownCloud versions prior to 10.10.0 Description: The issue concerns the improper removal of sensitive information before storage or transfer. Recommendations: For versions prior to 10.10.0, update to version 10.10.0 or later to resolve the iss...

7.5CVSS7.4AI score0.00386EPSS

Exploits0References7

ATTACKERKB•added 2022/05/12 11:15 a.m.•2 views

CVE-2022-1650

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...

9.3CVSS7.2AI score0.01666EPSS

Exploits1References4Affected Software1

OSV•added 2022/02/09 11:15 a.m.•1 views

DEBIAN-CVE-2022-0536

Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8...

5.9CVSS6.5AI score0.00069EPSS

Exploits0References1