Page 24 of 10786 results (0.076 seconds)

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7176346 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure. • https://source.android.com/security/bulletin/2018-06-01 • CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

This functionality, as included in Graylog 6.1.0 & 6.1.1, is vulnerable to information leakage triggered by multiple concurrent report rendering requests from authorized users. ... This might lead to one user getting the report of a different user, potentially leaking indexed log messages or aggregated data that this user normally has no access to. • https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-vggm-3478-vm5m • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •