Total
9894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5354 | 1 Anji-plus | 1 Aj-report | 2025-03-01 | 4.3 Medium |
| A vulnerability classified as problematic was found in anji-plus AJ-Report up to 1.4.1. This vulnerability affects unknown code of the file /reportShare/detailByCode. The manipulation of the argument shareToken leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266266 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-24923 | 1 Microsoft | 1 Onedrive | 2025-02-28 | 5.5 Medium |
| Microsoft OneDrive for Android Information Disclosure Vulnerability | ||||
| CVE-2023-24882 | 1 Microsoft | 1 Onedrive | 2025-02-28 | 5.5 Medium |
| Microsoft OneDrive for Android Information Disclosure Vulnerability | ||||
| CVE-2023-38158 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 3.1 Low |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||||
| CVE-2023-36894 | 1 Microsoft | 1 Sharepoint Server | 2025-02-28 | 6.5 Medium |
| Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
| CVE-2022-30184 | 4 Apple, Fedoraproject, Microsoft and 1 more | 9 Macos, Fedora, .net and 6 more | 2025-02-28 | 5.5 Medium |
| .NET and Visual Studio Information Disclosure Vulnerability | ||||
| CVE-2021-31173 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 5.3 Medium |
| Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
| CVE-2023-33165 | 1 Microsoft | 1 Sharepoint Server | 2025-02-28 | 4.3 Medium |
| Microsoft SharePoint Server Security Feature Bypass Vulnerability | ||||
| CVE-2023-27904 | 2 Jenkins, Redhat | 3 Jenkins, Ocp Tools, Openshift | 2025-02-28 | 5.3 Medium |
| Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers. | ||||
| CVE-2025-1606 | 1 Mayurik | 1 Best Employee Management System | 2025-02-28 | 4.3 Medium |
| A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2021-34125 | 2 Dronecode, Yuneec | 3 Px4 Drone Autopilot, Mantis Q, Mantis Q Firmware | 2025-02-28 | 7.5 High |
| An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands. | ||||
| CVE-2025-25729 | 2025-02-28 | 7.5 High | ||
| An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process. | ||||
| CVE-2024-36986 | 1 Splunk | 2 Cloud, Splunk | 2025-02-28 | 6.3 Medium |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace. The vulnerability requires the authenticated user to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will. | ||||
| CVE-2024-45739 | 1 Splunk | 1 Splunk | 2025-02-28 | 4.9 Medium |
| In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level. | ||||
| CVE-2023-32710 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-02-28 | 4.8 Medium |
| In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run. | ||||
| CVE-2024-45738 | 1 Splunk | 1 Splunk | 2025-02-28 | 4.9 Medium |
| In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level. | ||||
| CVE-2023-5515 | 1 Hitachienergy | 1 Esoms | 2025-02-27 | 5.3 Medium |
| The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks against web servers and deployed web applications. | ||||
| CVE-2023-5516 | 1 Hitachienergy | 1 Esoms | 2025-02-27 | 5.3 Medium |
| Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical details like version Info, endpoints, backend server, Internal IP. etc., which can potentially expose additional attack surface containing other interesting vulnerabilities. | ||||
| CVE-2023-5920 | 2 Apple, Mattermost | 2 Macos, Mattermost Desktop | 2025-02-27 | 2.9 Low |
| Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input. | ||||
| CVE-2023-6076 | 1 Phpgurukul | 1 Restaurant Table Booking System | 2025-02-27 | 5.3 Medium |
| A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability. | ||||