Page 20 of 10568 results (0.173 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

N/A Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-276: Incorrect Default Permissions •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-863: Incorrect Authorization •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserWithTeam. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30354 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30359 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30361 • CWE-922: Insecure Storage of Sensitive Information •