Export limit exceeded: 324770 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (565 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6911 | 1 Usb Pratirodh Project | 1 Usb Pratirodh | 2025-04-20 | N/A |
| USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack. | ||||
| CVE-2017-16560 | 1 Sandisk | 1 Secureaccess | 2025-04-20 | N/A |
| SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes. | ||||
| CVE-2017-0493 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen. This issue is rated as Moderate due to the possibility of bypassing the lock screen. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32793550. | ||||
| CVE-2017-8144 | 1 Huawei | 12 Honor 5a, Honor 5a Firmware, Honor 8 Lite and 9 more | 2025-04-20 | N/A |
| Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before LON-AL00C00B225,the versions before VTR-AL00C00B167,the versions before VTR-TL00C01B167,the versions before VKY-AL00C00B167,the versions before VKY-TL00C01B167 have a resource exhaustion vulnerability due to configure setting. An attacker tricks a user into installing a malicious application, the application may turn on the device flash-light and rapidly drain the device battery. | ||||
| CVE-2025-22984 | 1 Thecosy | 1 Icecms | 2025-04-18 | 7.5 High |
| An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information. | ||||
| CVE-2022-3166 | 1 Rockwellautomation | 4 Micrologix 1100, Micrologix 1100 Firmware, Micrologix 1400 and 1 more | 2025-04-17 | 7.5 High |
| Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device | ||||
| CVE-2020-10635 | 1 Kuka | 1 Sim Pro | 2025-04-16 | 4.3 Medium |
| Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext. | ||||
| CVE-2021-27456 | 1 Phillips | 22 Gemini 882160, Gemini 882160 Firmware, Gemini 882300 and 19 more | 2025-04-16 | 2.4 Low |
| Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control. | ||||
| CVE-2023-41829 | 2025-04-16 | 5 Medium | ||
| An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization. | ||||
| CVE-2020-15685 | 2 Mozilla, Redhat | 3 Thunderbird, Enterprise Linux, Rhel Eus | 2025-04-16 | 8.8 High |
| During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7. | ||||
| CVE-2024-57546 | 1 Cmsimple | 1 Cmsimple | 2025-04-16 | 7.5 High |
| An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. | ||||
| CVE-2023-41965 | 1 Socomec | 2 Modulys Gp, Modulys Gp Firmware | 2025-04-15 | 7.5 High |
| Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process. | ||||
| CVE-2022-40959 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-15 | 6.5 Medium |
| During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. | ||||
| CVE-2024-32236 | 1 Cmseasy | 1 Cmseasy | 2025-04-14 | 3.5 Low |
| An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component. | ||||
| CVE-2024-23561 | 1 Hcltechsw | 2 Hcl Devops Deploy, Hcl Launch | 2025-04-11 | 4.3 Medium |
| HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. | ||||
| CVE-2025-2440 | 2025-04-09 | 4.2 Medium | ||
| CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized access of confidential data when a malicious user, having physical access and advanced information on the file system, sets the radio in factory default mode. | ||||
| CVE-2022-2815 | 1 Publify Project | 1 Publify | 2025-04-07 | 6.5 Medium |
| Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2024-11702 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-05 | 7.5 High |
| Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. This vulnerability affects Firefox < 133 and Thunderbird < 133. | ||||
| CVE-2024-23232 | 1 Apple | 1 Macos | 2025-03-27 | 3.3 Low |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen. | ||||
| CVE-2021-36546 | 1 Kitesky | 1 Kitecms | 2025-03-26 | 7.5 High |
| Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. | ||||