Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-38654

Summary
Assigner-HCL
Assigner Org ID-1e47fe04-f25f-42fa-b674-36de2c5e3cfc
Published At-04 Nov, 2022 | 20:19
Updated At-02 May, 2025 | 18:33
Rejected At-
Credits

HCL Domino is susceptible to an information disclosure vulnerability

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:HCL
Assigner Org ID:1e47fe04-f25f-42fa-b674-36de2c5e3cfc
Published At:04 Nov, 2022 | 20:19
Updated At:02 May, 2025 | 18:33
Rejected At:
▼CVE Numbering Authority (CNA)
HCL Domino is susceptible to an information disclosure vulnerability

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

Affected Products
Vendor
HCL Technologies Ltd.HCL Software
Product
HCL Domino
Default Status
unaffected
Versions
Affected
  • 9, 10, 11, 12
Problem Types
TypeCWE IDDescription
CWECWE-200CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Type: CWE
CWE ID: CWE-200
Description: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017
N/A
Hyperlink: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017
x_transferred
Hyperlink: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@hcl.com
Published At:04 Nov, 2022 | 21:15
Updated At:07 Nov, 2023 | 03:50

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:-:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_3:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_4:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_5:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_1:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_2:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_3:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_3:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_4:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_5:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_6:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_7:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_8:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>9.0.1
cpe:2.3:a:hcltech:domino:9.0.1:fixpack_9:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.0
cpe:2.3:a:hcltech:domino:10.0.0:*:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:-:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_1:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_2:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_3:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_4:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_5:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_6:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>10.0.1
cpe:2.3:a:hcltech:domino:10.0.1:fixpack_7:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:-:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:fixpack_1:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:fixpack_2:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:fixpack_3:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:fixpack_4:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>11.0.1
cpe:2.3:a:hcltech:domino:11.0.1:fixpack_5:*:*:*:*:*:*
HCL Technologies Ltd.
hcltech
>>domino>>12.0
cpe:2.3:a:hcltech:domino:12.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-200Secondarypsirt@hcl.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-200
Type: Secondary
Source: psirt@hcl.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017psirt@hcl.com
Vendor Advisory
Hyperlink: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017
Source: psirt@hcl.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

357Records found
CVE-2024-23550
Matching Score-10
Assigner-HCL Software
ShareView Details
Matching Score-10
Assigner-HCL Software
CVSS Score-6.2||MEDIUM
EPSS-0.06% / 17.90%
||
7 Day CHG~0.00%
Published-03 Feb, 2024 | 05:32
Updated-03 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure

HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_devops_deployhcl_launchLaunch / DevOps Deploy
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-23348
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-5.1||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 17:06
Updated-29 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Launch is vulnerable to sensitive information disclosure

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_launchHCL Launch
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2024-42196
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-6.2||MEDIUM
EPSS-0.11% / 28.57%
||
7 Day CHG~0.00%
Published-06 Dec, 2024 | 14:47
Updated-14 Apr, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_launchLaunch
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-37512
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-3.3||LOW
EPSS-0.10% / 26.79%
||
7 Day CHG+0.01%
Published-11 Aug, 2023 | 00:34
Updated-04 Oct, 2024 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Traveler Companion is vulnerable to revealing sensitive information via the task switcher

When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-traveler_companionHCL Traveler Companion
CVE-2023-37513
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-3.3||LOW
EPSS-0.10% / 26.79%
||
7 Day CHG+0.01%
Published-11 Aug, 2023 | 00:25
Updated-04 Oct, 2024 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Traveler To Do is vulnerable to revealing sensitive information via the task switcher

When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-traveler_to_doHCL Traveler To Do
CVE-2025-0273
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.78%
||
7 Day CHG~0.00%
Published-27 Mar, 2025 | 05:03
Updated-11 Apr, 2025 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DevOps Deploy / HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_devops_deployhcl_launchHCL DevOps Deploy / HCL Launch
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-4083
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 17.03%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 18:39
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connections"HCL Connections"
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2022-27548
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-4.9||MEDIUM
EPSS-0.10% / 26.91%
||
7 Day CHG~0.00%
Published-06 Jul, 2022 | 20:25
Updated-16 Sep, 2024 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Launch is vulnerable to information disclosure which can be read by a local user.

HCL Launch stores user credentials in plain clear text which can be read by a local user.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_launchHCL Launch
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-27549
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-4||MEDIUM
EPSS-0.02% / 6.83%
||
7 Day CHG~0.00%
Published-06 Jul, 2022 | 20:25
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Launch could disclose sensitive database information to a local user in plain text.

HCL Launch may store certain data for recurring activities in a plain text format.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_launchHCL Launch
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-42192
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.54%
||
7 Day CHG~0.00%
Published-16 Oct, 2025 | 20:24
Updated-29 Oct, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-traveler_for_microsoft_outlookTraveler for Microsoft Outlook
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2024-42197
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.52%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 19:40
Updated-12 Dec, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Workload Scheduler is vulnerable to plain text storage of a password

HCL Workload Scheduler stores user credentials in plain text which can be read by a local user.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-Workload Scheduler
CWE ID-CWE-256
Plaintext Storage of a Password
CVE-2023-28010
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-4||MEDIUM
EPSS-0.12% / 30.82%
||
7 Day CHG~0.00%
Published-08 Sep, 2023 | 17:36
Updated-26 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Domino is susceptible to a sensitive information disclosure vulnerability

In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dominoHCL Domino Server
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-55265
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.76%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 13:02
Updated-26 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Aftermarket DPC is affected by File Discovery

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aftermarket_cloudAftermarket DPC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-55276
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.01% / 2.07%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 12:46
Updated-26 Mar, 2026 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aftermarket_cloudAftermarket DPC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-50346
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.19% / 40.50%
||
7 Day CHG~0.00%
Published-03 Jan, 2024 | 01:59
Updated-18 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An information disclosure affects DRYiCE MyXalytics

HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints within the application disclose detailed file information.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dryice_myxalyticsDRYiCE MyXalytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31964
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-2.2||LOW
EPSS-0.01% / 2.70%
||
7 Day CHG-0.00%
Published-07 Jan, 2026 | 07:18
Updated-21 Jan, 2026 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix IVR is impacted by an improper service binding configuration

Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface.

Action-Not Available
Vendor-HCLSoftwareHCL Technologies Ltd.
Product-bigfix_insights_for_vulnerability_remediationBigFix IVR
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-419
Unprotected Primary Channel
CVE-2025-31984
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.04% / 12.04%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 13:44
Updated-07 May, 2026 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31985
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.03% / 8.94%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 11:28
Updated-20 May, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31975
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-2.6||LOW
EPSS-0.03% / 9.27%
||
7 Day CHG-0.00%
Published-06 May, 2026 | 13:51
Updated-07 May, 2026 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.

HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31976
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-4.8||MEDIUM
EPSS-0.05% / 14.60%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 13:49
Updated-07 May, 2026 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials

HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated. .

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2024-42209
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.5||LOW
EPSS-0.16% / 37.43%
||
7 Day CHG~0.00%
Published-17 Jul, 2025 | 19:24
Updated-29 Oct, 2025 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connectionsConnections
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-42179
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-2||LOW
EPSS-0.27% / 51.20%
||
7 Day CHG~0.00%
Published-12 Jan, 2025 | 21:46
Updated-16 May, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL MyXalytics is affected by sensitive information disclosure vulnerability

HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dryice_myxalyticsDRYiCE MyXalytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-42208
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.5||LOW
EPSS-0.32% / 55.78%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 05:22
Updated-29 Oct, 2025 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connectionsHCL Connections
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-30118
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.5||LOW
EPSS-0.52% / 67.27%
||
7 Day CHG~0.00%
Published-09 Oct, 2024 | 20:03
Updated-10 Oct, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections is susceptible to a sensitive information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connectionsConnections
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-30106
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.5||LOW
EPSS-0.49% / 66.27%
||
7 Day CHG~0.00%
Published-28 Oct, 2024 | 21:35
Updated-08 Nov, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connectionsConnections
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-23562
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-0.86% / 75.49%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:57
Updated-23 Oct, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Domino is susceptible to an information disclosure vulnerability

A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. A remote unauthenticated attacker could exploit this vulnerability to obtain information to launch further attacks against the affected system.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dominoDomino Serverdomino
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-23557
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.5||LOW
EPSS-0.38% / 60.12%
||
7 Day CHG~0.00%
Published-18 Apr, 2024 | 18:21
Updated-29 Oct, 2025 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections is vulnerable to a user enumeration vulnerability

HCL Connections contains a user enumeration vulnerability. Certain actions could allow an attacker to determine if the user is valid or not, leading to a possible brute force attack.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connectionsConnectionsconnections
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-23563
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.9||LOW
EPSS-0.08% / 24.31%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:47
Updated-25 Nov, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections Docs is vulnerable to a sensitive information disclosure

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-connections_docsConnections Docs
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-30135
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.3||LOW
EPSS-0.39% / 60.46%
||
7 Day CHG~0.00%
Published-28 Jun, 2024 | 07:22
Updated-30 Oct, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10

HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dryice_aexDRYiCE AEX
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-55272
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.01% / 2.07%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 12:55
Updated-26 Mar, 2026 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability

HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software specific attacks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aftermarket_cloudAftermarket DPC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52630
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.03% / 10.53%
||
7 Day CHG~0.00%
Published-10 Oct, 2025 | 09:55
Updated-24 Oct, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is susceptible to Missing or insecure "X-Content-Type-Options" header vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue affects AION: 2.0.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionAION
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52631
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.06% / 20.35%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 18:16
Updated-11 Feb, 2026 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability.

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks.. This issue affects AION: 2.0.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionAION
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52613
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 29.67%
||
7 Day CHG+0.03%
Published-06 May, 2026 | 13:50
Updated-07 May, 2026 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) is affected by use of a vulnerable component

HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52649
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-1.8||LOW
EPSS-0.03% / 9.45%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 14:36
Updated-25 Apr, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature

HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature. Predictable identifiers may allow an attacker to infer or guess system-generated values, potentially leading to limited information disclosure or unintended access under specific conditions.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionAION
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52634
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.03% / 10.53%
||
7 Day CHG~0.00%
Published-10 Oct, 2025 | 09:40
Updated-24 Oct, 2025 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is susceptible to Spring Boot Actuator Endpoints Exposed

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionHCL AION
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31982
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.04% / 11.18%
||
7 Day CHG+0.01%
Published-06 May, 2026 | 13:46
Updated-06 May, 2026 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directl

HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-bigfix_service_managementBigFix Service Management (SM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-31955
Matching Score-6
Assigner-HCL Software
ShareView Details
Matching Score-6
Assigner-HCL Software
CVSS Score-7.6||HIGH
EPSS-0.34% / 56.87%
||
7 Day CHG~0.00%
Published-24 Jul, 2025 | 20:59
Updated-10 Oct, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL iAutomate is affected by a sensitive data exposure vulnerability

HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information within the system.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-dryice_iautomateiAutomate
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-2538
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 22.82%
||
7 Day CHG~0.00%
Published-30 Sep, 2010 | 14:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-ubuntu_linuxlinux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-42973
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.74%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:06
Updated-10 Jun, 2026 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Push Notification Information Disclosure Vulnerability

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1809windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_11_24h2windows_11_26h1windows_server_2019windows_server_2025windows_server_2016windows_server_2022windows_11_25h2Windows Server 2025 (Server Core installation)Windows 10 Version 1607Windows Server 2016Windows Server 2025Windows 10 Version 1809Windows 11 Version 25H2Windows Server 2022Windows Server 2016 (Server Core installation)Windows 10 Version 21H2Windows 11 Version 24H2Windows 10 Version 22H2Windows 11 version 23H2Windows 11 version 26H1Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows Server 2019
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-41849
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 9.55%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 22:17
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user's list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted to log.skyroam.com.cn using HTTP, independent of whether the user uses the Simo software.

Action-Not Available
Vendor-wikomobilebluproductslunan/a
Product-g9_firmwaresimog9tommy_3_firmwareg90_firmwaretommy_3_plussimo_firmwaretommy_3_plus_firmwareg90tommy_3n/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2026-42971
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.74%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:06
Updated-11 Jun, 2026 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Push Notification Information Disclosure Vulnerability

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1607windows_server_2025windows_server_2016windows_server_2022windows_10_22h2windows_11_23h2windows_11_24h2windows_11_25h2windows_11_26h1windows_server_2019windows_10_1809Windows Server 2025 (Server Core installation)Windows 10 Version 1607Windows Server 2016Windows Server 2025Windows 10 Version 1809Windows 11 Version 25H2Windows Server 2022Windows Server 2016 (Server Core installation)Windows 10 Version 21H2Windows 11 Version 24H2Windows 10 Version 22H2Windows 11 version 23H2Windows 11 version 26H1Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows Server 2019
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-14335
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.70%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 11:52
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-satelliteRed Hat Satellite
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2026-42906
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.74%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:06
Updated-11 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Shell Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2025windows_server_2022windows_10_22h2windows_11_23h2windows_11_24h2windows_11_25h2windows_11_26h1Windows Server 2025 (Server Core installation)Windows 11 Version 24H2Windows Server 2025Windows 10 Version 22H2Windows 11 version 23H2Windows 11 Version 25H2Windows 11 version 26H1Windows 11 Version 23H2Windows Server 2022Windows 10 Version 21H2
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-42970
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.74%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:06
Updated-11 Jun, 2026 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Push Notification Information Disclosure Vulnerability

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1607windows_server_2025windows_server_2012windows_server_2016windows_server_2022windows_10_22h2windows_11_23h2windows_11_24h2windows_11_25h2windows_11_26h1windows_server_2019windows_10_1809Windows Server 2025 (Server Core installation)Windows 10 Version 1607Windows Server 2016Windows Server 2025Windows 10 Version 1809Windows 11 Version 25H2Windows Server 2022Windows Server 2016 (Server Core installation)Windows 10 Version 21H2Windows Server 2012 R2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows 11 Version 24H2Windows 10 Version 22H2Windows 11 version 23H2Windows Server 2012Windows 11 version 26H1Windows Server 2012 R2Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows Server 2019
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-36476
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.9||HIGH
EPSS-0.18% / 40.36%
||
7 Day CHG~0.00%
Published-29 Jun, 2023 | 00:18
Updated-27 Nov, 2024 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`calamares-nixos-extensions` LUKS keyfile exposure

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted `/boot`, on either non-UEFI systems or with a LUKS partition different from `/` have their LUKS key file in `/boot` as a plaintext CPIO archive attached to their NixOS initrd. A patch is available and anticipated to be part of version 0.3.13 to backport to NixOS 22.11, 23.05, and unstable channels. Expert users who have a copy of their data may, as a workaround, re-encrypt the LUKS partition(s) themselves.

Action-Not Available
Vendor-nixosNixOS
Product-calamares-nixos-extensionscalamares-nixos-extensions
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-13179
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 18:06
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.

Action-Not Available
Vendor-teradicin/a
Product-graphics_agentpcoip_standard_agent- PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2020-12966
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 33.70%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_embedded_7f72_firmwareepyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7371_firmwareepyc_embedded_7371_firmwareepyc_embedded_7501epyc_7261epyc_7451epyc_7282_firmwareepyc_embedded_7f32epyc_7f32epyc_embedded_3251_firmwareepyc_7551_firmwareepyc_7272_firmwareepyc_embedded_7282epyc_7713pepyc_embedded_7451epyc_7443epyc_7513epyc_embedded_3201_firmwareepyc_embedded_7502p_firmwareepyc_embedded_7542_firmwareepyc_7232p_firmwareepyc_7702epyc_embedded_7702pepyc_7453epyc_7513_firmwareepyc_embedded_7262epyc_7542epyc_embedded_740p_firmwareepyc_7281_firmwareepyc_7413_firmwareepyc_7h12_firmwareepyc_7002epyc_7643_firmwareepyc_7f52epyc_embedded_3151_firmwareepyc_75f3epyc_7001epyc_embedded_7642_firmwareepyc_7f32_firmwareepyc_7502epyc_75f3_firmwareepyc_7001_firmwareepyc_7662_firmwareepyc_7f72_firmwareepyc_7343_firmwareepyc_7281epyc_7551epyc_embedded_740pepyc_embedded_7662epyc_7551pepyc_7313pepyc_7002_firmwareepyc_embedded_3101epyc_embedded_7302epyc_embedded_7642epyc_7551p_firmwareepyc_embedded_7551_firmwareepyc_embedded_7f32_firmwareepyc_embedded_7h12epyc_7601_firmwareepyc_embedded_3451_firmwareepyc_7352epyc_embedded_7301epyc_embedded_7401_firmwareepyc_7713_firmwareepyc_7401epyc_7742epyc_embedded_7252_firmwareepyc_7272epyc_7713epyc_7003_firmwareepyc_7443p_firmwareepyc_embedded_7742_firmwareepyc_7003epyc_embedded_3351_firmwareepyc_embedded_7402_firmwareepyc_embedded_7402p_firmwareepyc_embedded_3451epyc_embedded_7261epyc_embedded_7352_firmwareepyc_7261_firmwareepyc_embedded_7301_firmwareepyc_embedded_7232p_firmwareepyc_embedded_3201epyc_embedded_7532epyc_embedded_7302pepyc_embedded_7h12_firmwareepyc_7742_firmwareepyc_embedded_7261_firmwareepyc_7501epyc_7501_firmwareepyc_embedded_7452epyc_embedded_7272epyc_embedded_7552epyc_7301_firmwareepyc_embedded_7502pepyc_embedded_7371epyc_embedded_7451_firmwareepyc_7443_firmwareepyc_7402pepyc_7343epyc_embedded_7742epyc_7252_firmwareepyc_7543_firmwareepyc_embedded_7501_firmwareepyc_embedded_755pepyc_7542_firmwareepyc_7763_firmwareepyc_embedded_7302p_firmwareepyc_embedded_7502_firmwareepyc_embedded_7232pepyc_embedded_735pepyc_embedded_7351_firmwareepyc_7313p_firmwareepyc_7252epyc_7502pepyc_embedded_7252epyc_7302p_firmwareepyc_7351p_firmwareepyc_embedded_7f52_firmwareepyc_embedded_3251epyc_embedded_755p_firmwareepyc_embedded_3101_firmwareepyc_7642_firmwareepyc_embedded_7532_firmwareepyc_7452epyc_7h12epyc_embedded_7601_firmwareepyc_7543p_firmwareepyc_embedded_7402epyc_7401pepyc_embedded_7f72epyc_7302epyc_7601epyc_embedded_3255_firmwareepyc_embedded_7601epyc_7232pepyc_embedded_7302_firmwareepyc_embedded_7401epyc_7663epyc_7552_firmwareepyc_embedded_3351epyc_embedded_7702_firmwareepyc_72f3_firmwareepyc_7371epyc_embedded_7251_firmwareepyc_7f72epyc_7662epyc_7642epyc_7451_firmwareepyc_7532_firmwareepyc_embedded_7281_firmwareepyc_embedded_7542epyc_7502p_firmwareepyc_embedded_7662_firmwareepyc_7413epyc_7301epyc_7401p_firmwareepyc_embedded_7551epyc_7313epyc_7351pepyc_embedded_7282_firmwareepyc_7663_firmwareepyc_embedded_7702p_firmwareepyc_7351_firmwareepyc_7251epyc_7552epyc_7302pepyc_7702p_firmwareepyc_embedded_7552_firmwareepyc_74f3_firmwareepyc_7763epyc_7302_firmwareepyc_embedded_3151epyc_embedded_3255epyc_7402_firmwareepyc_7713p_firmwareepyc_73f3_firmwareepyc_7702pepyc_embedded_7402pepyc_embedded_7281epyc_7f52_firmwareepyc_7262epyc_embedded_7262_firmwareepyc_embedded_7352epyc_embedded_7702epyc_embedded_7452_firmwareepyc_7251_firmwareepyc_7401_firmwareepyc_72f3epyc_7643epyc_embedded_7251epyc_embedded_735p_firmwareepyc_7402p_firmwareepyc_7452_firmwareepyc_7351epyc_7543pepyc_7313_firmwareepyc_embedded_7272_firmwareepyc_7443pepyc_7453_firmwareepyc_7282epyc_embedded_7f52epyc_embedded_7502epyc_7702_firmwareepyc_74f3epyc_7352_firmwareepyc_7532epyc_embedded_7351epyc_73f31st/2nd/3rd Gen AMD EPYC™ Processors
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-4040
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.02% / 5.25%
||
7 Day CHG~0.00%
Published-12 Mar, 2026 | 12:02
Updated-16 Mar, 2026 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenClaw File Existence tools.exec.safeBins information exposure

A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version 2026.2.19-beta.1 is capable of addressing this issue. The identifier of the patch is bafdbb6f112409a65decd3d4e7350fbd637c7754. Upgrading the affected component is advised.

Action-Not Available
Vendor-n/aOpenClaw
Product-openclawOpenClaw
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-12987
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.75%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 21:50
Updated-17 Sep, 2024 | 01:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-radeon_softwareradeon_pro_softwarewindows_10AMD Radeon Software
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-11221
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 14.11%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845smb1357pmd9655au_firmwareqca617_firmwareqcs410_firmwaremdm9330qpa5580qpm5579qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwareqca617pm855lwcn6851_firmwareqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955qfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found