CVE-2015-6941

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

CVE-2015-6941

Salt CVE-2015-6941 affects Salt 2015.5.x before 2015.5.6 and 2015.8.x before 2015.8.1, where win_useradd, salt-cloud and the Linode driver leak password information in debug logs. Impact: password information is exposed in logs. Remediation: upgrade to Salt 2015.5.6 or 2015.8.1 as indicated by th...

CVE-2015-6941

Removed by vendor...

Certificate Based Authentication : Troubleshooting Tips

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

Information disclosure

DISPUTED An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking...

CVE-2017-9862

An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking. An...

CVE-2017-9862

An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking. An...

CVE-2017-9862

SMA Solar Technology Sunny Explorer information-disclosure (CVE-2017-9862) affects Sunny Boy TLST-21/TL-21 and Sunny Tripower TL-10/TL-30. When signing in with an incorrect password, a debug report can be created that exposes application information and allows saving a .txt file with arbitrary co...

PT-2017-19228 · Sma Solar Technology · Sunny Boy Tlst-21 +3

Name of the Vulnerable Software and Affected Versions: SMA Solar Technology products, specifically Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 Description: An issue in SMA Solar Technology products allows information disclosure when a user signs into Sunny Explorer with an...

CVE-2017-11387

Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. Formerly ZDI-CAN-4512...

Stack overflow

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...

CVE-2017-10806

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...

CVE-2017-10806

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...

CVE-2017-10806

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...

Sound eXchange (SoX) 14.4.2 - Multiple Vulnerabilities

Exploit for linux platform in category dos / poc Sound eXchange SoX multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= SoX is a cross-platform Windows, Linux, MacOS X, etc. command line utility that can convert various formats of computer audio...

Trend Micro Control Manager Debug Level Authentication Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of debug settings. The software does not provide...

Fedora 26 : php-symfony (2017-4fcbd8a4c3)

2.8.25 2017-07-17 - security 23507 Security validate empty passwords again xabbuh - bug 23526 HttpFoundation Set meta refresh time to 0 in RedirectResponse content jnvsor - bug 23540 Disable inlining deprecated services alekitto - bug 23468 DI Handle root namespace in service definitions ro0NL -...

Password Reset And Recovery

pagekit/pagekit is vulnerable to password reset and recovery. Attackers are able to reset a registered user's password when the debug toolbar is enabled. By doing this, attackers are able to recover the password...

Cross-site Scripting (XSS)

yiisoft/yii2 is vulnerable to cross-site scripting XSS.When debug mode is enabled, the $exception-errorInfo is mishandled, allowing attackers to execute XSS attacks...

CVE-2017-11516

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...