Page 168 of 10805 results (0.024 seconds)

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

Windows DWM Core Library Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de la librería principal de Windows DWM • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26172 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

Windows Remote Access Connection Manager Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del Administrador de conexión de acceso remoto de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26255 • CWE-126: Buffer Over-read •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Minder by Stacklok is an open source software supply chain security platform. A refactoring in commit `5c381cf` added the ability to get GitHub repositories registered to a project without specifying a specific provider. Unfortunately, the SQL query for doing so was missing parenthesis, and would select a random repository. This issue is patched in pull request 2941. As a workaround, revert prior to `5c381cf`, or roll forward past `2eb94e7`. • https://github.com/stacklok/minder/commit/11b6573ad62cfdd783a8bb52f3fce461466037f4 https://github.com/stacklok/minder/commit/5c381cfbf3e4b7ce040ed8511a1fae1a78a0014b https://github.com/stacklok/minder/pull/2941 https://github.com/stacklok/minder/security/advisories/GHSA-ggp5-28x4-xcj9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests. • https://fortiguard.com/psirt/FG-IR-24-060 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests. • https://fortiguard.com/psirt/FG-IR-23-224 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •