Windows Kernel Information Disclosure Vulnerability

Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administra…

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables throug…

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability …

Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the server's Acti…

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script al…

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed duri…

In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui Web server version in its …

A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remot…

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allo…

Fides is an open-source privacy engineering platform, and `SERVER_SIDE_FIDES_API_URL` is a serv…

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were…

Nagios XI versions prior to 2024R1.1.2 may (confirmed in 2024R1.1 and 2024R1.1.1) disclose sens…

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, whe…

A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly…

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app sett…

Nagios XI versions prior to 2024R1.4.2 revealed API keys to users who were not authorized for A…

Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user ac…

Parse Server is an open source backend that can be deployed to any infrastructure that can run …

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability…

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could…

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker c…

AVideo versions prior to 20.1 disclose absolute filesystem paths via multiple public API endpoi…

Firefox behaved slightly differently for already known resources when loading CSS resources inv…

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated…

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dar…

The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker t…

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.5…

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtai…

Internal browser event interfaces were exposed to web content when privileged EventHandler list…

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) c…

Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows …

CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow…

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.…

An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3…

VMware Aria Operations contains an information disclosure vulnerability. A malicious user with …

Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft …

IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive …

Information disclosure of authentication information in the specific service vulnerability exis…

Multiple SHARP routers contain an improper authentication vulnerability in the configuration ba…