Page 88 of 10843 results (0.130 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to disclose information in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297429 https://www.ibm.com/support/pages/node/7160580 • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

This leads to SSRF, and could potentially lead to sensitive data exposure. • https://github.com/nuxt/icon/security/advisories/GHSA-cxgv-px37-4mp2 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

Information disclosure while handling beacon probe frame during scan entry generation in client side. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •