Page 89 of 10658 results (0.028 seconds)

CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0

An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-24-1021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 297429 • https://exchange.xforce.ibmcloud.com/vulnerabilities/297429 https://www.ibm.com/support/pages/node/7160580 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

This leads to SSRF, and could potentially lead to sensitive data exposure. • https://github.com/nuxt/icon/security/advisories/GHSA-cxgv-px37-4mp2 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html • CWE-20: Improper Input Validation •