Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service
Priority PRI WEB Portal Add-On for Priority ERP on prem - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Cybonet - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploit
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that caus
AccuPOS - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-8884
CRITICAL CVSS 9.8
Find Similar
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http
The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.
CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials when a specially crafted message is sent to the device.
Mashov – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Page 1+ Next →