15117 results (0.013 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1

27 Jul 2025 — The manipulation of the argument accessKey/secretKey leads to information disclosure. ... Mit der Manipulation des Arguments accessKey/secretKey mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.317814 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0

27 Jul 2025 — This flaw undermines the core security boundary intended to isolate untrusted code, posing risks such as unauthorized code execution, data leakage, and potential integration-level compromise. • https://huntr.com/bounties/63ab1cfe-b573-4cf5-a7d3-fb6c957e34b0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1

26 Jul 2025 — The manipulation leads to cleartext transmission of sensitive information. ... The vendor was contacted early about this disclosure but did not respond in any way. ... Mittels Manipulieren mit unbekannten Daten kann eine cleartext transmission of sensitive information-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.317774 • CWE-310: Cryptographic Issues CWE-319: Cleartext Transmission of Sensitive Information

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

25 Jul 2025 — Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information. Certain HP DesignJet products may be vulnerable to information disclosure though printer's web... • https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

25 Jul 2025 — An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user. An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... • https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB0750906 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

25 Jul 2025 — CNCF Harbor 2.13.x before 2.13.1 and 2.12.x before 2.12.4 allows information disclosure by administrators who can exploit an ORM Leak present in the /api/v2.0/users endpoint to leak users' password hash and salt values. ... An attacker with administrator access could exploit this to leak highly sensitive information stored in the Harbor database. • https://github.com/goharbor/harbor/releases • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

24 Jul 2025 — HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information within the system. HCL iAutomate is affected by a sensitive data exposure vulnerability. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122646 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

24 Jul 2025 — IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Container could disclose sensitive information to a local user due to improper clearing of heap memory before release. • https://www.ibm.com/support/pages/node/7240431 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

24 Jul 2025 — IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the proxy to the same hostname and port due to improper certificate validation. • https://www.ibm.com/support/pages/node/7240431 • CWE-295: Improper Certificate Validation •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

23 Jul 2025 — Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •