CWE-359: CWE-359

An authenticated low-privileged user in Dokploy can access detailed profile information of other users in the same organization, exposing personally-i...

This vulnerability in GitLab CE/EE allows unauthorized users to view full email addresses that should be partially obscured under certain conditions. ...

An authenticated low-privilege attacker can exploit the AOS-CX REST interface vulnerability to view encrypted credentials of other users on affected s...

The Jeg Elementor Kit WordPress plugin exposes sensitive template data through insecure functions. Authenticated attackers with Contributor-level acce...

The HT Event WordPress plugin (versions up to 1.4.7) exposes sensitive template data through an information disclosure vulnerability. Authenticated at...

This vulnerability allows unintentional clipboard sharing during TeamViewer meetings. When a user joins a meeting, their clipboard content could be ex...

HCL BigFix Query WebUI has an information disclosure vulnerability where HTTP GET requests can expose group names and active user IDs. This affects or...

This vulnerability allows authenticated administrators with read permissions in Fortinet FortiManager, FortiAnalyzer, and FortiAnalyzer-BigData to acc...

This vulnerability in Firefox for iOS incorrectly shared cookie storage between private (Incognito) and normal browsing sessions, allowing data from p...

This vulnerability in GitLab allows authenticated users to bypass asset proxy protection by referencing specially crafted images, potentially leaking ...

The mObywatel iOS application fails to properly clear sensitive data from the App Switcher preview, allowing unauthorized users to view personal infor...

This vulnerability allows authenticated attackers in the Crazy Bubble Tea mobile app to access other users' personal information by enumerating loyalt...

An authenticated attacker using M-Files Web can capture session tokens of other active users, potentially allowing impersonation and unauthorized acce...