Page 51 of 10841 results (0.144 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05 • CWE-24: Path Traversal: '../filedir' •

CVSS: 3.8EPSS: 0%CPEs: -EXPL: 0

Some uninitialized data may exist in the bounce.buffer, leading to an information leak. • https://access.redhat.com/security/cve/CVE-2024-8612 https://bugzilla.redhat.com/show_bug.cgi?id=2313760 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

An authenticated remote attacker could exploit this vulnerability by manipulating parameters in the API request body leading to exposure of sensitive information belonging to other users. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0296 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

The filters do not provide much information (they mainly contain references which are public data in XWiki), though some info could be used in combination with other vulnerabilities. • https://github.com/xwiki/xwiki-platform/commit/c8c6545f9bde6f5aade994aa5b5903a67b5c2582 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-pg4m-3gp6-hw4w https://jira.xwiki.org/browse/XWIKI-20336 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0

This issue may lead to Information Disclosure. • https://codeql.github.com/codeql-query-help/ruby/rb-path-injection https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-cp65-5m9r-vc2c https://owasp.org/www-community/attacks/Path_Traversal https://www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •