Page 393 of 10738 results (0.028 seconds)

CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0

D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1510 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 1

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. • https://github.com/win3zz/CVE-2023-43261 http://milesight.com http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html http://ur5x.com https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf https://support.milesight-iot.com/support/home • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_get_option' shortcode in versions up to, and including, 7.1.1 due to insufficient controls on the information retrievable via the shortcode. • https://patchstack.com/database/vulnerability/woocommerce-jetpack/wordpress-booster-for-woocommerce-plugin-7-1-2-authenticated-arbitrary-wordpress-option-disclosure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. IBM Disconnected Log Collector 1.0 a 1.8.2 es vulnerable a posibles errores de configuración de seguridad que podrían revelar información no deseada. ID de IBM X-Force: 224648. • https://exchange.xforce.ibmcloud.com/vulnerabilities/224648 https://https://www.ibm.com/support/pages/node/7042313 https://www.ibm.com/support/pages/node/7042313 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •