Page 12 of 11327 results (0.019 seconds)

CVSS: 6.2EPSS: 0%CPEs: 30EXPL: 0

Windows Package Library Manager Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38203 • CWE-693: Protection Mechanism Failure •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. • https://access.redhat.com/security/cve/CVE-2024-49395 https://bugzilla.redhat.com/show_bug.cgi?id=2325332 • CWE-1230: Exposure of Sensitive Information Through Metadata •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or downloaded in an application based on SAP GUI for HTML Technology. This will not compromise the application's integrity or availability. • https://me.sap.com/notes/3508947 https://url.sap/sapsecuritypatchday • CWE-276: Incorrect Default Permissions •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability. • https://me.sap.com/notes/3393899 https://url.sap/sapsecuritypatchday • CWE-307: Improper Restriction of Excessive Authentication Attempts •