CVE-2025-44017
"Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token).
CVE-2025-55750
Gitpod is a developer platform for cloud development environments. In versions before main-gha.33628 for both Gitpod Classic and Gitpod Classic Enterprise, OAuth integration with Bitbucket in certain conditions allowed a crafted link to exp…
CVE-2025-20348
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on…
CVE-2025-43768
Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without an…
CVE-2025-41415
The vulnerability, if exploited, could allow an authenticated miscreant
(with privileges to access publication targets) to retrieve sensitive
information that could then be used to gain additional access to
downstream resources.
CVE-2025-55715
Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block otter-blocks allows Retrieve Embedded Sensitive Data.This issue affects Otter - Gutenberg Block: from n/a through
CVE-2025-54008
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through
CVE-2025-53998
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through
CVE-2025-53993
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through
CVE-2025-53992
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTricks jet-tricks allows Retrieve Embedded Sensitive Data.This issue affects JetTricks: from n/a through
CVE-2025-53988
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through
CVE-2025-53987
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetMenu jet-menu allows Retrieve Embedded Sensitive Data.This issue affects JetMenu: from n/a through
CVE-2025-53985
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTabs jet-tabs allows Retrieve Embedded Sensitive Data.This issue affects JetTabs: from n/a through
CVE-2025-53983
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elementor jet-elements allows Retrieve Embedded Sensitive Data.This issue affects JetElements For Elementor: from n/a through
CVE-2025-53196
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through
CVE-2025-49408
Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.2.7.
CVE-2025-55710
Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress simple-tags allows Retrieve Embedded Sensitive Data.This issue affects TaxoPress: from n/a through
CVE-2025-54685
Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash suredash allows Retrieve Embedded Sensitive Data.This issue affects SureDash: from n/a through
CVE-2025-8862
YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is properly redacted…
CVE-2025-7204
In ConnectWise PSA versions older than 2025.9, a
vulnerability exists where authenticated users could gain access to sensitive
user information. Specific API requests were found to return an overly verbose
user object, which included encryp…