CVE-2026-42408 BIG-IP DNS tmsh vulnerability

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-37160

A broken access control BAC vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker to disclose sensitive data...

CVE-2025-20347

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

CVE-2025-20348

Summary: CVE-2025-20348 affects Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller (NDFC). The issue arises from missing authorization controls on REST API endpoints, allowing an authenticated, low-privileged attacker to view sensitive information or upload/modify files. The impact inclu...

CVE-2025-20347

Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller (NDFC) have missing authorization controls on certain REST API endpoints. An authenticated, low-privileged attacker could view sensitive information or upload/modify files via crafted API requests, potentially executing limited Administr...

Unspecified Vulnerability in Apple macOS (CNVD-2025-18453)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to view sensitive user information...

CVE-2023-26461

SAP NetWeaver allows SAP Enterprise Portal - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows the attacker to view...

SUSE CVE-2021-1234

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulnerability is due t...

CVE-2021-1234

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulnerability is due t...

CVE-2021-36544

Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...

CVE-2019-1908

A vulnerability in the Intelligent Platform Management Interface IPMI implementation of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security restrictions imposed by the...

Cisco Integrated Management Controller Access Control Error Vulnerability

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. An access...

CVE-2018-0245

A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking...

TouTou Shared Bike Android APP has an override access vulnerability

TouTou Shared Bike Android APP is a shared bike travel software for cities. TouTou Shared Bicycle Android APP has an override access vulnerability. After registering and logging into the system, the attacker can modify the user ID by grabbing packets to view any account information, including:...