Export limit exceeded: 15294 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25050 | 1 Vendure | 1 Vendure | 2026-02-26 | 5.3 Medium |
| Vendure is an open-source headless commerce platform. Prior to version 3.5.3, the `NativeAuthenticationStrategy.authenticate()` method is vulnerable to a timing attack that allows attackers to enumerate valid usernames (email addresses). In `packages/core/src/config/auth/native-authentication-strategy.ts`, the authenticate method returns immediately if a user is not found. The significant timing difference (~200-400ms for bcrypt vs ~1-5ms for DB miss) allows attackers to reliably distinguish between existing and non-existing accounts. Version 3.5.3 fixes the issue. | ||||
| CVE-2025-64528 | 1 Discourse | 1 Discourse | 2026-02-20 | 5.3 Medium |
| Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when `enable_names` is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix. | ||||
| CVE-2024-6400 | 1 Finrota | 1 Finrota | 2025-10-14 | 7.5 High |
| Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, IMAP/SMTP Command Injection, Collect Data from Common Resource Locations. This issue solved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11 and 1.24.03. | ||||
| CVE-2025-59352 | 2 Dragonflyoss, Linuxfoundation | 2 Dragonfly2, Dragonfly | 2025-09-18 | 9.8 Critical |
| Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the gRPC API and HTTP APIs allow peers to send requests that force the recipient peer to create files in arbitrary file system locations, and to read arbitrary files. This allows peers to steal other peers’ secret data and to gain remote code execution (RCE) capabilities on the peer’s machine.This vulnerability is fixed in 2.1.0. | ||||
| CVE-2024-1287 | 2 Paidmembershipspro, Strangerstudios | 2 Paid Memberships Pro, Paid Memberships Pro | 2025-08-27 | 6.5 Medium |
| The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the contributor role from leaking other users' sensitive information, including password hashes via an SQLi vector. | ||||
| CVE-2021-34782 | 1 Cisco | 1 Catalyst Center | 2025-07-23 | 4.3 Medium |
| A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improper access controls on API endpoints. An attacker could exploit the vulnerability by sending a specific API request to an affected application. A successful exploit could allow the attacker to obtain sensitive information about other users who are configured with higher privileges on the application. | ||||
| CVE-2025-29981 | 1 Dell | 1 Wyse Management Suite | 2025-07-13 | 7.5 High |
| Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-36575 | 1 Dell | 1 Wyse Management Suite | 2025-07-11 | 7.5 High |
| Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-25205 | 1 Audiobookshelf | 1 Audiobookshelf | 2025-07-03 | 8.2 High |
| Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings like "/api/items/1/cover" in a query parameter (?r=/api/items/1/cover) to partially bypass authentication or trigger server crashes under certain routes. This could lead to information disclosure of otherwise protected data and, in some cases, a complete denial of service (server crash) if downstream code expects an authenticated user object. Version 2.19.1 contains a patch for the issue. | ||||
| CVE-2024-38892 | 1 Wavlink | 2 Wn551k1, Wn551k1 Firmware | 2025-06-06 | 6.5 Medium |
| An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. | ||||
| CVE-2024-38895 | 1 Wavlink | 2 Wn551k1, Wn551k1 Firmware | 2025-06-06 | 5.3 Medium |
| WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information. | ||||
| CVE-2024-38897 | 1 Wavlink | 2 Wn551k1, Wn551k1 Firmware | 2025-06-06 | 5.3 Medium |
| WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information. | ||||
| CVE-2024-13255 | 1 Restful Web Services Project | 1 Restful Web Services | 2025-06-04 | 7.5 High |
| Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10. | ||||
| CVE-2023-0785 | 1 Mayurik | 1 Best Online News Portal | 2025-03-07 | 3.7 Low |
| A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file check_availability.php. The manipulation of the argument username leads to exposure of sensitive information through data queries. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220645 was assigned to this vulnerability. | ||||
| CVE-2022-41623 | 1 Villatheme | 1 Dropshipping And Fulfillment For Aliexpress And Woocommerce | 2025-02-20 | 7.5 High |
| Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 on WordPress. | ||||
| CVE-2024-20388 | 1 Cisco | 4 Firepower Management Center, Firepower Threat Defense, Firepower Threat Defense Software and 1 more | 2024-11-26 | 5.3 Medium |
| A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset. | ||||
| CVE-2023-41081 | 2 Apache, Redhat | 3 Tomcat Connectors, Enterprise Linux, Jboss Core Services | 2024-11-21 | 7.5 High |
| Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker. Such an implicit mapping could result in the unintended exposure of the status worker and/or bypass security constraints configured in httpd. As of JK 1.2.49, the implicit mapping functionality has been removed and all mappings must now be via explicit configuration. Only mod_jk is affected by this issue. The ISAPI redirector is not affected. This issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48. Users are recommended to upgrade to version 1.2.49, which fixes the issue. History 2023-09-13 Original advisory 2023-09-28 Updated summary | ||||
| CVE-2023-20215 | 1 Cisco | 11 Asyncos, S195, S395 and 8 more | 2024-11-21 | 5.8 Medium |
| A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device. | ||||
| CVE-2023-1625 | 2 Openstack, Redhat | 3 Heat, Openstack, Openstack Platform | 2024-11-21 | 7.4 High |
| An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system. | ||||
| CVE-2022-20810 | 1 Cisco | 11 Catalyst 9800, Catalyst 9800-40, Catalyst 9800-40 Wireless Controller and 8 more | 2024-11-21 | 6.5 Medium |
| A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device. | ||||