Page 90 of 10816 results (0.027 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

An attacker can exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure. • https://github.com/jumpserver/jumpserver/security/advisories/GHSA-rpf7-g4xh-84v9 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000227053/dsa-2024-303-security-update-for-dell-data-lakehouse-system-software-for-multiple-security-vulnerabilities • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

Using these tokens, an attacker can access guest customer order details - sensitive guest customer information. • https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265507 https://www.ibm.com/support/pages/node/7160433 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •