Page 45 of 12070 results (0.036 seconds)

CVSS: 2.6EPSS: 0%CPEs: 3EXPL: 0

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project." • https://gitlab.com/gitlab-org/gitlab/-/issues/482843 • CWE-684: Incorrect Provision of Specified Functionality •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

This issue can lead to unauthorized access to sensitive information and exposure of confidential configuration files. • https://github.com/agnaistic/agnai/security/advisories/GHSA-h355-hm5h-cm8h • CWE-35: Path Traversal: '.../ •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

This issue could result in unauthorized access, full server compromise, data leakage, and other critical security threats. • https://github.com/agnaistic/agnai/security/advisories/GHSA-mpch-89gm-hm83 • CWE-35: Path Traversal: '.../...//' CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device. • https://www.ibm.com/support/pages/node/7149734 • CWE-256: Plaintext Storage of a Password •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user. • https://www.ibm.com/support/pages/node/7170411 • CWE-532: Insertion of Sensitive Information into Log File •