Page 83 of 10815 results (0.036 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. • https://github.com/FOGProject/fogproject/security/advisories/GHSA-697m-3c4p-g29h • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 2.7EPSS: 0%CPEs: 1EXPL: 0

Improper Input Validation of query search results for private field data in PingIDM OPENIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure. Improper Input Validation of query search results for private field data in PingIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure. • https://backstage.forgerock.com/docs/idcloud/latest/release-notes/regular-channel-changelog.html#changed_functionality https://backstage.forgerock.com/knowledge/kb/article/a95212747 • CWE-20: Improper Input Validation •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226567/dsa-2024-211-security-update-for-a-dell-insightiq-broken-or-risky-cryptographic-algorithm-vulnerability • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 6.9EPSS: 0%CPEs: -EXPL: 2

The manipulation leads to information disclosure. ... Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/RevoltSecurities/CVE-2024-7339 https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-TVT-DVR-fad1cce703d946969be5130bf3aaac0d? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.6EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. •