Page 103 of 10852 results (0.027 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. ... Any information disclosed depends on how the customers have customized the block pages. • https://thrive.trellix.com/s/article/000013694 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296009 https://www.ibm.com/support/pages/node/7160185 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295968 https://www.ibm.com/support/pages/node/7160185 • CWE-540: Inclusion of Sensitive Information in Source Code •

CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295970 https://www.ibm.com/support/pages/node/7160185 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •