Page 17 of 10681 results (0.040 seconds)

CVSS: 7.5EPSS: %CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by default. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

The manipulation of the argument request leads to information disclosure. ... Mit der Manipulation des Arguments request mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/dycccccccc/JEEWMS/blob/main/JEEWMS%20Shipper%20Information%20Leakage.docx https://vuldb.com/?ctiid.286343 https://vuldb.com/?id.286343 https://vuldb.com/?submit.445596 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-06-01 • CWE-908: Use of Uninitialized Resource •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE Interactive Content Audit Exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through 1.1. The Content Audit Exporter plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/content-audit-exporter/vulnerability/wordpress-content-audit-exporter-plugin-1-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-05-01 • CWE-125: Out-of-bounds Read •