Page 25 of 10804 results (0.065 seconds)

CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0

An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the URL and further exploit it to create a convincing phishing page. • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.10 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.5 https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. • https://support.lenovo.com/us/en/product_security/LEN-158394 • CWE-276: Incorrect Default Permissions •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

The vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric EcoStruxure Data Center Expert. ... An attacker can leverage this vulnerability to disclose sensitive information, leading to further compromise. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-01.pdf • CWE-306: Missing Authentication for Critical Function •

CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •

CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •