Page 16 of 10785 results (0.044 seconds)

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •

CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0. ... This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

The FloristPress – Customize your Woo store for your Florist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 7.3.0. • https://patchstack.com/database/wordpress/plugin/bakkbone-florist-companion/vulnerability/wordpress-floristpress-plugin-7-3-0-nonce-leakage-to-broken-access-control-vulnerability? • CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by default. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. •