3858 matches found

OSV
added 2022/04/19 5:15 p.m., 1 view

CVE-2021-39033

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVSS 6.5 | AI score 6 | EPSS 0.00978
Exploits: 0 | References: 2

NVD
added 2022/04/19 5:15 p.m., 15 views

CVE-2021-39033

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVSS 6.5 | EPSS 0.00978
Exploits: 0 | References: 2

Prion
added 2022/04/19 5:15 p.m., 11 views

Information disclosure

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVSS 4 | AI score 6 | EPSS 0.00978
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2022/04/19 4:15 p.m., 17 views

CVE-2021-39033

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVSS 4.3 | AI score 6.1 | EPSS 0.00978
Exploits: 0 | References: 2

CNNVD
added 2022/04/12 12:00 a.m., 3 views

Microsoft Windows Input Validation Error Vulnerability

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A denial of service vulnerability exists in Microsoft Windows Secure Channel. The vulnerability stems from a failure to properly handle incoming error messages and can be exploited by ...

CVSS 7.5 | AI score 5.7 | EPSS 0.03142
Exploits: 0 | References: 6

ATTACKERKB
added 2022/04/04 8:15 p.m., 5 views

CVE-2022-1120

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration...

CVSS 6.5 | AI score 6.5 | EPSS 0.00987
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2022/04/04 8:15 p.m., 19 views

CVE-2022-1120

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration...

CVSS 6.5 | EPSS 0.00987
Exploits: 0 | References: 3

OSV
added 2022/04/04 8:15 p.m., 1 view

UBUNTU-CVE-2022-1120

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration...

CVSS 6.5 | AI score 5.8 | EPSS 0.00987
Exploits: 0 | References: 5

OSV
added 2022/04/04 7:46 p.m., 21 views

CVE-2022-1120

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration...

CVSS 4.8 | AI score 6 | EPSS 0.00987
Exploits: 0 | References: 5

Tenable Nessus
added 2022/04/01 12:00 a.m., 43 views

openSUSE 15 Security Update : protobuf (openSUSE-SU-2022:1040-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:1040-1 advisory. - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto...

CVSS 6.5 | AI score 6.5 | EPSS 0.0266
Exploits: 0 | References: 4

Atlassian
added 2022/03/29 8:51 a.m., 30 views

Bitbucket displays sensitive DB details in error message in browser

Issue Summary: On application startup, if the database is down the Bitbucket application displays the sensitive database hostname & port details in the error message in browser. Error Message: The database, as currently configured, is not accessible. Connection to : refused. Check tha...

AI score 1
Exploits: 0

ATTACKERKB
added 2022/03/14 3:15 p.m., 7 views

CVE-2022-0327

The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...

CVSS 6.1 | AI score 6.3 | EPSS 0.00783
Exploits: 2 | References: 2

OSV
added 2022/03/14 3:15 p.m., 5 views

CVE-2022-0327

The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...

CVSS 6.1 | AI score 6.4 | EPSS 0.00783
Exploits: 2 | References: 1

Citrix
added 2022/03/14 12:00 a.m., 6 views

CVAD Setup Wizard Fails To Complete When Using Citrix Cloud - Index Was Out Of Range

Running the Provisioning Services CVAD Setup Wizard to create or add new machines to a Citrix Cloud catalog fails to create the devices. Upon clicking finish, after specifying wizard parameters, the wizard closes and the following error appears: Error: Index was out of range. Must be non-negative...

AI score 7
Exploits: 0

Cvelist
added 2022/03/09 3:38 p.m., 15 views

CVE-2021-35251 Sensitive Data Disclosure Vulnerability

Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation...

CVSS 5.3 | AI score 5.5 | EPSS 0.00912
Exploits: 0 | References: 2

GithubExploit
added 2022/03/08 10:40 a.m., 275 views

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847-dirty-pipe-exploit An exploit for CVE-2022-0847...

CVSS 7.8 | AI score 7.6 | EPSS 0.88106
Exploits: 100

NVD
added 2022/03/03 7:15 p.m., 20 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

CVSS 5.5 | EPSS 0.00384
Exploits: 0 | References: 4

OSV
added 2022/03/03 7:15 p.m., 7 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

CVSS 5.5 | AI score 5.4 | EPSS 0.00384
Exploits: 0 | References: 4

Prion
added 2022/03/03 7:15 p.m., 29 views

Design/Logic Flaw

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

CVSS 2.1 | AI score 5.3 | EPSS 0.00384
Exploits: 0 | References: 4 | Affected Software: 9

Vulnrichment
added 2022/03/03 6:23 p.m., 15 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

AI score 6.5 | EPSS 0.00384
Exploits: 0 | References: 4