264 matches found
CVE-2024-7569
An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...
CVE-2024-7569
An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...
CVE-2024-7569
An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...
CVE-2023-20512
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...
CVE-2023-20512
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...
CVE-2023-20512
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...
PT-2024-11949 · Pmfw · Pmfw
Name of the Vulnerable Software and Affected Versions: PMFW affected versions not specified Description: A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage. Recommendations: At the moment, there is...
PT-2024-8346 · Ivanti · Ivanti Itsm +1
Name of the Vulnerable Software and Affected Versions: Ivanti ITSM on-premise and Neurons for ITSM versions 2023.4 and earlier Description: An information disclosure issue allows an unauthenticated attacker to obtain the OIDC client secret via debug information. This is related to insufficient...
CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...
CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...
Sensitive Information Disclosure
zendframework/zend-developer-tools is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a change made during the update to support PHP 7.3 that potentially prevents toolbar entries, which are enabled by default, from being disabled. The attacker can exploit this by...
Aimeos HTML client may potentially reveal sensitive information in error log
Debug information can reveal sensitive information from environment variables in error log...
Fedora 40 : glycin-loaders / gnome-tour / helix / helvum / libipuz / loupe / etc (2024-ce2936b568)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-ce2936b568 advisory. This update contains builds from a mini-mass-rebuild for Rust applications and some C-style libraries. Rebuilding with the Rust 1.78 toolchain should fix...
DerbyNet 9.0 render-document.php Cross Site Scripting
CVE ID: CVE-2024-30920 Description: A Cross Site Scripting XSS vulnerability has been identified in DerbyNet v9.0, specifically within the render-document.php component. This vulnerability allows a remote attacker to execute arbitrary code via crafted URLs. The root cause of the vulnerability is...
CVE-2024-28339
An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required...
GHSA-8FM4-R23P-V68V Jenkins MQ Notifier Plugin exposes sensitive information in build logs
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
Jenkins MQ Notifier Plugin exposes sensitive information in build logs
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
CVE-2024-28154
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
Default credentials
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
BIT-LUA-2020-24369
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference...