14583 results (0.014 seconds)

CVSS: 5.3EPSS: %CPEs: -EXPL: 0

11 Jun 2025 — IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7234674 • CWE-540: Inclusion of Sensitive Information in Source Code •

CVSS: 5.3EPSS: %CPEs: 2EXPL: 0

11 Jun 2025 — IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts. • https://www.ibm.com/support/pages/node/7236314 • CWE-204: Observable Response Discrepancy •

CVSS: 9.3EPSS: %CPEs: -EXPL: 0

11 Jun 2025 — Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32711 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0

11 Jun 2025 — Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}. • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •

CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0

11 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

10 Jun 2025 — An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-36: Absolute Path Traversal •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-202: Exposure of Sensitive Information Through Data Queries •

CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0

10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33055 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0

10 Jun 2025 — Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052 • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0

10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24065 • CWE-125: Out-of-bounds Read •