Total
9647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41734 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2025-03-12 | 5.3 Medium |
| IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 237587. | ||||
| CVE-2022-34351 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2025-03-12 | 5.9 Medium |
| IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402. | ||||
| CVE-2023-0901 | 1 Pixelfed | 1 Pixelfed | 2025-03-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pixelfed/pixelfed prior to 0.11.4. | ||||
| CVE-2024-13638 | 2025-03-12 | 5.9 Medium | ||
| The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments added to orders. | ||||
| CVE-2025-22961 | 2025-03-12 | 8 High | ||
| A critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due to Incorrect Access Control (CWE-284). Unauthenticated attackers can directly access sensitive database backup files (snapshot_users.db) via publicly exposed URLs (/logs/devcfg/snapshot/ and /logs/devcfg/user/). Exploiting this vulnerability allows retrieval of sensitive user data, including login credentials, potentially leading to full system compromise. | ||||
| CVE-2023-0994 | 1 Rosariosis | 1 Rosariosis | 2025-03-12 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2. | ||||
| CVE-2022-32896 | 1 Apple | 1 Macos | 2025-03-12 | 5.5 Medium |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information. | ||||
| CVE-2022-22668 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-12 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2022-48319 | 1 Checkmk | 1 Checkmk | 2025-03-12 | 6.5 Medium |
| Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file. | ||||
| CVE-2020-9846 | 1 Apple | 1 Macos | 2025-03-11 | 5.3 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | ||||
| CVE-2021-46841 | 1 Apple | 1 Music | 2025-03-11 | 5.9 Medium |
| This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity. | ||||
| CVE-2022-32855 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-11 | 5.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen. | ||||
| CVE-2022-32836 | 1 Apple | 1 Music | 2025-03-11 | 7.5 High |
| This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | ||||
| CVE-2022-32824 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-03-11 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | ||||
| CVE-2022-32784 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2025-03-11 | 6.5 Medium |
| The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. | ||||
| CVE-2023-23500 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state. | ||||
| CVE-2023-23499 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 5.5 Medium |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data. | ||||
| CVE-2023-1055 | 2 Fedoraproject, Redhat | 2 Fedora, Directory Server | 2025-03-11 | 5.5 Medium |
| A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2023-22577 | 1 Home.cern | 2 White Rabbit Switch, White Rabbit Switch Firmware | 2025-03-11 | 9.8 Critical |
| Within White Rabbit Switch it's possible as an unauthenticated user to retrieve sensitive information such as password hashes and the SNMP community strings. | ||||
| CVE-2024-27120 | 2 Celsius Benelux, Celsiusbenelux | 2 Comfortkey, Comfortkey | 2025-03-11 | 7.5 High |
| A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. Using this vulnerability, an unauthenticated attacker may retrieve sensitive information about the underlying system. The vulnerability has been remediated in version 24.1.2. | ||||