Lucene search
+L

264 matches found

OSV
OSV
added 2024/08/13 7:15 p.m.4 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.8CVSS7.3AI score0.01639EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 7:15 p.m.20 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.8CVSS0.01639EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 6:10 p.m.33 views

CVE-2024-7569

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information...

9.6CVSS0.01639EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 5:15 p.m.20 views

CVE-2023-20512

A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...

1.9CVSS0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 4:52 p.m.14 views

CVE-2023-20512

A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...

1.9CVSS6.5AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 4:52 p.m.34 views

CVE-2023-20512

A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage...

1.9CVSS0.00128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-11949 · Pmfw · Pmfw

Name of the Vulnerable Software and Affected Versions: PMFW affected versions not specified Description: A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage. Recommendations: At the moment, there is...

1.9CVSS6.8AI score0.00128EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.4 views

PT-2024-8346 · Ivanti · Ivanti Itsm +1

Name of the Vulnerable Software and Affected Versions: Ivanti ITSM on-premise and Neurons for ITSM versions 2023.4 and earlier Description: An information disclosure issue allows an unauthenticated attacker to obtain the OIDC client secret via debug information. This is related to insufficient...

9.8CVSS8.6AI score0.01639EPSS
Exploits0References28
Cvelist
Cvelist
added 2024/06/25 8:8 p.m.46 views

CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log

ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...

8.8CVSS0.0051EPSS
Exploits0References2
OSV
OSV
added 2024/06/25 8:8 p.m.25 views

CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log

ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...

8.8CVSS6.3AI score0.0051EPSS
Exploits0References4
Veracode
Veracode
added 2024/06/25 12:0 p.m.12 views

Sensitive Information Disclosure

zendframework/zend-developer-tools is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a change made during the update to support PHP 7.3 that potentially prevents toolbar entries, which are enabled by default, from being disabled. The attacker can exploit this by...

6.9AI score
Exploits0
GitLab Advisory Database
GitLab Advisory Database
added 2024/06/25 12:0 a.m.52 views

Aimeos HTML client may potentially reveal sensitive information in error log

Debug information can reveal sensitive information from environment variables in error log...

8.8CVSS6.5AI score0.0051EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.11 views

Fedora 40 : glycin-loaders / gnome-tour / helix / helvum / libipuz / loupe / etc (2024-ce2936b568)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-ce2936b568 advisory. This update contains builds from a mini-mass-rebuild for Rust applications and some C-style libraries. Rebuilding with the Rust 1.78 toolchain should fix...

5.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2024/04/05 12:0 a.m.264 views

DerbyNet 9.0 render-document.php Cross Site Scripting

CVE ID: CVE-2024-30920 Description: A Cross Site Scripting XSS vulnerability has been identified in DerbyNet v9.0, specifically within the render-document.php component. This vulnerability allows a remote attacker to execute arbitrary code via crafted URLs. The root cause of the vulnerability is...

7.4AI score0.01027EPSS
Exploits2
OSV
OSV
added 2024/03/12 5:15 p.m.5 views

CVE-2024-28339

An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required...

5.4CVSS5.8AI score0.00428EPSS
Exploits1References2
OSV
OSV
added 2024/03/06 6:30 p.m.26 views

GHSA-8FM4-R23P-V68V Jenkins MQ Notifier Plugin exposes sensitive information in build logs

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

6.5CVSS6.5AI score0.00679EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.30 views

Jenkins MQ Notifier Plugin exposes sensitive information in build logs

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

6.5CVSS6.5AI score0.00679EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/06 5:15 p.m.7 views

CVE-2024-28154

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

6.5CVSS6.3AI score
Exploits0References2
Prion
Prion
added 2024/03/06 5:15 p.m.23 views

Default credentials

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...

6.3AI score0.00679EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:56 a.m.26 views

BIT-LUA-2020-24369

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference...

7.5CVSS7.3AI score0.01732EPSS
Exploits1References3
Rows per page
Query Builder