Page 5 of 15034 results (0.013 seconds)

CVSS: 7.8EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker c... • https://www.zerodayinitiative.com/advisories/ZDI-25-456 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker c... • https://www.zerodayinitiative.com/advisories/ZDI-25-458 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker... • https://www.zerodayinitiative.com/advisories/ZDI-25-459 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker ... • https://www.zerodayinitiative.com/advisories/ZDI-25-452 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An att... • https://www.zerodayinitiative.com/advisories/ZDI-25-453 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: %CPEs: 1EXPL: 0

27 Jun 2025 — Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker can... • https://www.zerodayinitiative.com/advisories/ZDI-25-463 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

26 Jun 2025 — IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques. • https://www.ibm.com/support/pages/node/7237604 • CWE-319: Cleartext Transmission of Sensitive Information

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

26 Jun 2025 — A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure. • https://thrive.trellix.com/s/article/000014635 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

25 Jun 2025 — Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. • https://www.zerodayinitiative.com/advisories/ZDI-25-342 • CWE-306: Missing Authentication for Critical Function •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

25 Jun 2025 — A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions. • https://certvde.com/en/advisories/VDE-2025-043 • CWE-312: Cleartext Storage of Sensitive Information