Page 28 of 11331 results (0.154 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with baseband firmware compromise required. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

N/A Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-276: Incorrect Default Permissions •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-863: Incorrect Authorization •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserWithTeam. ... The information disclosed is associated with all registered user ID numbers. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30354 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. ... The information disclosed is associated with the all registered users, including user ID, status, email address, role(s), user type, license type, and personal details such as first name, last name, gender, and user preferences. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30359 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •