Page 130 of 13273 results (0.118 seconds)

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

16 May 2024 — Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

16 May 2024 — Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure. • https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209 • CWE-29: Path Traversal: '\..\filename' •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

16 May 2024 — Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb24-30.html • CWE-125: Out-of-bounds Read •

CVSS: 6.3EPSS: 0%CPEs: 25EXPL: 2

16 May 2024 — This lack of restriction permits arbitrary format strings with multiple specifiers, potentially leading to data leakage from the stack and memory corruption. • https://packetstorm.news/files/id/179645 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software Telerik Reporting. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://docs.telerik.com/report-server/knowledge-base/xxe-vulnerability-cve-2024-4357 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — This could lead to information disclosure and remote code execution. ... This could lead to information disclosure and remote code execution. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — This could lead to senstive information disclosure. ... This could lead to senstive information disclosure. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — This could lead to senstive information disclosure by directory traversal. ... This could lead to senstive information disclosure by directory traversal. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files. • https://security.nozominetworks.com/NN-2023:15-01 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

15 May 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. • https://helpx.adobe.com/security/products/acrobat/apsb24-29.html • CWE-125: Out-of-bounds Read •