8 matches found
CVE-2026-56646
Exposure of sensitive information to an unauthorized actor in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
K000156734: BIG-IP Configuration utility vulnerability CVE-2026-40699
Security Advisory Description A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. CVE-2026-40699 Impact This vulnerability may allow a low-privileged authenticated...
CVE-2026-20155 Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization...
EUVD-2025-6258
Malicious code in bioql PyPI...
CVE-2025-47871 Mattermost Playbooks exposes private channel metadata to unauthorized users via run metadata API
Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to properly validate channel membership when retrieving playbook run metadata, allowing authenticated users who are playbook members but not channel members to access sensitive informatio...
CVE-2023-40723
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2...
CVE-2024-53683 Ossur Mobile Logic Application Exposure of Sensitive System Information to an Unauthorized Control Sphere
A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use...
Jenkins Information Disclosure Vulnerability (CNVD-2020-08121)
CloudBees Jenkins is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An information disclosure vulnerability...