Lucene search
K

80 matches found

Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.4 views

PT-2025-8955 · Ibm · Ibm Entirex

Name of the Vulnerable Software and Affected Versions: IBM EntireX version 11.1 Description: A local user could obtain sensitive information when a detailed technical error message is returned, which could be used in further attacks against the system. Recommendations: For IBM EntireX version 11....

3.3CVSS6.3AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2024/12/09 1:35 p.m.8 views

CVE-2024-53948 Apache Superset: Error verbosity exposes metadata in analytics databases

Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue...

5.3CVSS5.9AI score0.00787EPSS
Exploits0References4
OSV
OSV
added 2024/11/14 1:15 p.m.8 views

AZL-53206 CVE-2024-10977 affecting package postgresql for versions less than 16.5-1

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...

3.7CVSS7.3AI score0.0038EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/05 12:0 a.m.14 views

RHEL 8 : Red Hat Product OCP Tools 4.12 Openshift Jenkins (RHSA-2024:8886)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8886 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS6.6AI score0.48081EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/05/24 8:19 p.m.19 views

github.com/huandu/facebook may expose access_token in error message.

Summary accesstoken can be exposed in error message on fail in HTTP request. Details Using this module, when HTTP request fails, error message can contain accesstoken. This can be happen when: - module is sending HTTP request with query parameter ?accesstoken=.... - and HTTP request fails errors...

3.7CVSS6.5AI score0.00504EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

Nway Pro Security Vulnerability

Nway Pro is a complete personnel and vehicle access control system for the most diverse market segments. A security vulnerability exists in Nway Pro 9, which stems from the fact that incorrect manipulation of the parameter rsargs can lead to the exposure of sensitive information via an error...

7.5CVSS6.4AI score0.00616EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.6 views

Hitachi Device Manager Security Vulnerability

Hitachi Device Manager is a device management software from Hitachi, Japan. It is a solution for centralized management and monitoring of storage devices, designed to help users simplify storage resource management, optimize storage performance, and improve the reliability and availability of...

7.5CVSS6.6AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2023/08/02 12:15 a.m.6 views

UBUNTU-CVE-2023-1210

An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to leak a user's email via an error message for groups that restrict membership by email...

4.3CVSS5.7AI score0.0051EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/13 12:0 a.m.10 views

CVE-2023-27587

ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google...

7.4CVSS7.3AI score0.03857EPSS
Exploits1References2
OSV
OSV
added 2022/06/28 7:15 p.m.2 views

CVE-2022-31229

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources...

4.9CVSS5.8AI score0.00713EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/20 8:15 a.m.2 views

CVE-2022-29266

In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information...

7.5CVSS5.9AI score0.0783EPSS
Exploits0References3
OSV
OSV
added 2022/01/25 12:13 p.m.13 views

MGASA-2022-0036 Updated phpmyadmin packages fix security vulnerability

A flaw was identified in how phpMyAdmin processes two factor authentication; a user could potentially manipulate their account to bypass two factor authentication in subsequent authentication sessions PMASA-2022-1. A series of weaknesses was identified allowing a malicious user to submit maliciou...

6.1CVSS5.2AI score0.07936EPSS
Exploits2References3
CNVD
CNVD
added 2020/08/27 12:0 a.m.4 views

IBM Security Guardium Data Encryption (GDE) Information Disclosure Vulnerability (CNVD-2020-49511)

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. An information disclosure vulnerability exists in IBM Security Guardium Data Encryption GDE 3.0.0.2. An attacker...

4CVSS8.1AI score0.00499EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 4:15 p.m.6 views

CVE-2019-4593

IBM QRadar 7.3.0 to 7.3.3 Patch 2 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-ForceID: 167743...

4.3CVSS5.8AI score0.00816EPSS
Exploits0References2
OSV
OSV
added 2020/02/26 4:15 p.m.3 views

CVE-2019-19993

An issue was discovered in Selesta Visual Access Manager VAM 4.15.0 through 4.29. Several full path disclosure vulnerability were discovered. A user, even with no authentication, may simply send arbitrary content to the vulnerable pages to generate error messages that expose some full paths...

5.3CVSS6.2AI score0.01243EPSS
Exploits1References3
OSV
OSV
added 2019/11/22 4:15 p.m.4 views

CVE-2019-4570

IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720...

5.3CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2019/10/02 7:15 p.m.4 views

CVE-2019-12156

Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293...

5.3CVSS6.2AI score0.00904EPSS
Exploits0References1
OSV
OSV
added 2019/07/18 10:15 p.m.3 views

CVE-2019-7941

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

7.5CVSS7.2AI score0.03121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/06/06 12:0 a.m.4 views

PT-2019-16974 · Ibm · Ibm Security Information Queue

Name of the Vulnerable Software and Affected Versions: IBM Security Information Queue ISIQ versions 1.0.0 through 1.0.2 Description: The issue generates an error message that includes sensitive information, which could be used in further attacks against the system. Recommendations: For versions...

5.3CVSS4.5AI score0.01269EPSS
Exploits0References4
OSV
OSV
added 2018/05/29 1:29 p.m.5 views

CVE-2017-1768

IBM Security Guardium Big Data Intelligence SonarG 3.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 136471...

4.3CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder