Potentially allowing an attacker to read certain information on Check Point Security Gateways o…

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enu…

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted us…

.NET Framework Information Disclosure Vulnerability

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout fo…

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <…

Metabase is an open source data analytics platform. In affected versions a security issue has b…

Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/serv…

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocol…

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM a…

A critical unauthenticated remote code execution vulnerability was found all recent versions of…

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g.,…

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider me…

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOW…

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC m…

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE th…

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementatio…

In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as…

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2…

Systems with microprocessors utilizing speculative execution and indirect branch prediction may…

Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.…

The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not e…

The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote at…

XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions 14…

The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager b…

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows reque…

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products…

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 200…

In the Druid ingestion system, the InputSource is used for reading data from a certain data sou…

A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV…

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Wri…

Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and …

Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.…

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the …

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1…

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 20…

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0…

A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error report…

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and ea…

An information disclosure vulnerability exists when the Windows GDI component improperly disclo…