Page 16 of 10681 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •

CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0. The WP Mailster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.16.0. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by default. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. •