Page 314 of 10588 results (0.091 seconds)

CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed En las herramientas de validación, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`. • https://codeigniter4.github.io/userguide/general/errors.html#error-reporting https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563 https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call. • https://docs.bestpractical.com/release-notes/rt/4.4.7 https://docs.bestpractical.com/release-notes/rt/5.0.5 https://docs.bestpractical.com/release-notes/rt/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder. • https://docs.bestpractical.com/release-notes/rt/5.0.5 https://docs.bestpractical.com/release-notes/rt/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-125: Out-of-bounds Read •