15103 results (0.012 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

21 Jul 2025 — The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://github.com/byteReaper77/CVE-2025-6082 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic. • https://www.ibm.com/support/pages/node/7239635 • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime. • https://www.ibm.com/support/pages/node/7239635 • CWE-326: Inadequate Encryption Strength •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to obtain sensitive information due to the cleartext transmission of data. • https://www.ibm.com/support/pages/node/7239635 • CWE-319: Cleartext Transmission of Sensitive Information

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

21 Jul 2025 — A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000317419/dsa-2025-192-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0

21 Jul 2025 — A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. • https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 3.7EPSS: 0%CPEs: -EXPL: 0

21 Jul 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. ... An attacker can leverage this vulnerability to disclose information in the context of the application. •

CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0

21 Jul 2025 — This may lead to remote code execution (RCE), information disclosure, or full system compromise. • https://gist.github.com/TPCchecker/c72eea7a3f89070dab7dfdbf7504b2d6 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 1

20 Jul 2025 — The manipulation leads to information disclosure. ... The vendor was contacted early about this disclosure but did not respond in any way. ... Dank Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/FightingLzn9/vul/blob/main/MetaCRM6-SIL-2.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

18 Jul 2025 — This can lead to sensitive data exposure. • http://agorum.com • CWE-918: Server-Side Request Forgery (SSRF) •