CVE-2024-52611 SolarWinds Platform Information Disclosure Vulnerability

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions...

CVE-2024-52611 SolarWinds Platform Information Disclosure Vulnerability

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions...

CVE-2024-52611

The connected sources provide concrete details for CVE-2024-52611: SolarWinds Platform is vulnerable to information disclosure via error messages. Affected software is SolarWinds Platform versions 2024.4.1 and earlier. The root cause relates to how error messages disclose potentially useful infor...

PT-2025-6190 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue arises from the unsafe handling of error messages on the error page in affected versions of Octopus Server. If an adversary can control any part of the error message, they...

Azure Linux 3.0 Security Update: postgresql (CVE-2024-10977)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10977 advisory. - Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS...

CVE-2024-56467

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2024-45658

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2025-24980

pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...

CVE-2025-24980 Pimcore Admin Classic Bundle allows user enumeration

pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...

CVE-2025-24980

CVE-2025-24980 affects Pimcore’s admin-ui-classic-bundle. The issue is an information disclosure: the Forgot Password flow reveals whether an account exists via non-generic error messages, enabling user enumeration. Root cause: improper error handling in the authentication/forgot-password path. I...

Pimcore 安全漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates applications for Web content management, e-commerce frameworks and product information management. A security vulnerability exists in...

CVE-2024-56467

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2024-56467 IBM EntireX information disclosure

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2024-56467 IBM EntireX information disclosure

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

CVE-2024-49798 IBM ApplinX Information Disclosure

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-49798

IBM ApplinX 11.1 is affected by CVE-2024-49798: a vulnerability where a detailed technical error message returned in the browser could disclose sensitive information, potentially aiding further attacks. The underlying issue is CWE-209 (Generation of Error Message Containing Sensitive Information)...

CVE-2024-49798 IBM ApplinX Information Disclosure

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2022-2062

Generation of Error Message Containing Sensitive Information in GitHub repository nocodb/nocodb prior to 0.91.7+...

BIT-SUPERSET-2024-53948 Apache Superset: Error verbosity exposes metadata in analytics databases

Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue...

CVE-2024-11625

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...