51 matches found
PT-2026-42725
Name of the Vulnerable Software and Affected Versions: ZTE MU5250 affected versions not specified Description: An information disclosure issue exists due to improper configuration of the access control mechanism, which allows attackers to obtain information without authorization. Recommendations: At...
PT-2026-21527
Name of the Vulnerable Software and Affected Versions: ZIA affected versions not specified Description: An issue exists in the ZIA Admin UI related to the improper handling of user-supplied input. This could allow an authenticated administrator to potentially access or retrieve unauthorized interna...
EUVD-2021-7605
Malicious code in bioql PyPI...
EUVD-2025-25211
Malicious code in bioql PyPI...
EUVD-2021-8280
Malicious code in bioql PyPI...
GE UR family Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-27424)
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a Last-key pressed MODBUS register can be used to gain unauthorized information. This plugin only works with Tenable.ot. Please visit...
CVE-2025-50434
A security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrect access control, which under certain conditions could allow unauthorized access to information. NOTE: this has been disputed because the CVE Record...
Citrix NetScaler Gateway / ADC Memory Disclosure
Citrix NetScaler Gateway / ADC versions 14.1.x 14.1-43.56, 13.1.x 13.1-58.32, 13.1.x-FIPS 13.1-37.235-FIPS and NDcPP, 12.1.x-FIPS 12.1-55.328-FIPS, 12.1.x and 13.0.x are affected by a memory disclosure vulnerability. This issue could allow a remote and unauthenticated attacker to access sensitive...
CVE-2022-36854
Out-of-bounds read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows an attacker to access unauthorized information...
CVE-2021-27424
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a “Last-key pressed” MODBUS register can be used to gain unauthorized information...
CVE-2024-42178
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution...
The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software relates to the absence of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of microprogrammed software for programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi lies in the lack of origin verification in WebSockets. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi is related to the lack of origin verification in WebSockets. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected...
CVE-2024-45805
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information (SETTINGS_SUPPORT). This is due to inadequate access control for support information...
CVE-2024-31495
An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiPortal versions 7.0.0 through 7.0.6 and version 7.2.0 allows a privileged user to obtain unauthorized information via the report download functionality...
PT-2024-5465 · Microsoft +6 · Edge +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.182 Chromium versions prior to 126.0.6478.182 Yandex Browser versions prior to 24.7.6.1018-alt1 Chromedriver versions prior to 126.0.6478.182-1.1 Debian Bookworm chromium versions prior to...
ROS-20240408-25
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages...
PT-2024-23599 · Unknown · Ros Kinetic Kame
Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: The issue concerns an unauthorized information access vulnerability. No specific details about the estimated number of potentially affected devices or real-world incidents are...