Page 60 of 10843 results (0.167 seconds)

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. ... The vulnerability allows unauthorized users to obtain information about non-public runs and their related runs, given the `run_id` of a public or non-public run. • https://github.com/lunary-ai/lunary/commit/35afd4439464571eb016318cd7b6f85a162225ca https://huntr.com/bounties/460df515-164c-4435-954b-0233a181545f • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. • https://exchange.xforce.ibmcloud.com/vulnerabilities/351213 https://www.ibm.com/support/pages/node/7168234 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android. • https://www.usom.gov.tr/bildirim/tr-24-1457 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38222 • CWE-276: Incorrect Default Permissions •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress Tag Cloud Plugin – Tag Groups.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through 2.0.3. ... This makes it possible for unauthenticated attackers to extract information about tags. • https://patchstack.com/database/vulnerability/tag-groups/wordpress-tag-groups-plugin-2-0-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •