Page 60 of 10657 results (0.047 seconds)

CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0

Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html • CWE-284: Improper Access Control •

CVSS: 5.2EPSS: 0%CPEs: -EXPL: 0

Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html • CWE-20: Improper Input Validation •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 •

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. • https://github.com/lunary-ai/lunary/commit/35afd4439464571eb016318cd7b6f85a162225ca https://huntr.com/bounties/460df515-164c-4435-954b-0233a181545f • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. • https://exchange.xforce.ibmcloud.com/vulnerabilities/351213 https://www.ibm.com/support/pages/node/7168234 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •