13967 results (0.078 seconds)

CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0

21 Jan 2025 — IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. • https://www.ibm.com/support/pages/node/7177857 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. • https://www.ibm.com/support/pages/node/7172750 • CWE-525: Use of Web Browser Cache Containing Sensitive Information

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7172750 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

20 Jan 2025 — The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/browser/1003-mortgage-application/trunk/inc/class/fnm/export.php • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local ... • https://git.kernel.org/stable/c/03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information... • https://git.kernel.org/stable/c/415f792447572ef1949a3cef5119bbce8cc66373 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to ... • https://git.kernel.org/stable/c/ec90b52c07c0403a6db60d752484ec08d605ead0 •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct ... • https://git.kernel.org/stable/c/eab35358aae705b779a7c8b405474d1290175196 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is u... • https://git.kernel.org/stable/c/c3a23ecc0901f624b681bbfbc4829766c5aa3070 •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data'... • https://git.kernel.org/stable/c/4e130dc7b41348b13684f0758c26cc6cf72a3449 •