Page 101 of 10852 results (0.045 seconds)

CVSS: 8.6EPSS: 0%CPEs: -EXPL: 0

The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. ... This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. ... An attacker can leverage this vulnerability to delete files and disclose information in the context of a highly privileged domain user. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230933 https://www.ibm.com/support/pages/node/7160300 • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. • https://www.oracle.com/security-alerts/cpujul2024.html •

CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0

An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 https://help.github.com/enterprise-server@3.10/admin/release-notes#3.10.15 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 0

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •