Lucene search
K

3858 matches found

Debian CVE
Debian CVE
added 2022/03/03 6:23 p.m.58 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

5.5CVSS6.9AI score0.00384EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/03 6:23 p.m.23 views

CVE-2021-3620

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

5.7AI score0.00384EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/02/19 12:1 a.m.28 views

Generation of Error Message Containing Sensitive Information in microweber

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

9.4CVSS2.1AI score0.06923EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/02/19 12:1 a.m.13 views

GHSA-HHRJ-WP42-32V3 Generation of Error Message Containing Sensitive Information in microweber

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

7.5CVSS7.3AI score0.06923EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/02/18 11:10 a.m.30 views

CVE-2022-0660 Generation of Error Message Containing Sensitive Information in microweber/microweber

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

9.4CVSS7.7AI score0.06923EPSS
Exploits1References2
CVE
CVE
added 2022/02/18 11:10 a.m.143 views

CVE-2022-0660

Microweber before 1.2.11 is affected by an information-disclosure vulnerability in microweber/microweber. An error message generated when viewing load_module:comments#search exposes sensitive information, potentially enabling an attacker to obtain sensitive data and, per the nuclei template, poss...

9.4CVSS7.5AI score0.06923EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/02/18 12:0 a.m.17 views

GHSA-PWWM-PWX2-2HW7 Generation of Error Message Containing Sensitive Information in Snipe-IT

Snipe-IT prior to version 5.3.11 is vulnerable to Generation of Error Message Containing Sensitive Information...

5.3CVSS5.1AI score0.00972EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/02/18 12:0 a.m.18 views

Generation of Error Message Containing Sensitive Information in Snipe-IT

Snipe-IT prior to version 5.3.11 is vulnerable to Generation of Error Message Containing Sensitive Information...

5.3CVSS2.6AI score0.00972EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/17 2:15 a.m.5 views

CVE-2022-0622

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...

5.3CVSS5.8AI score0.00972EPSS
Exploits1References3
NVD
NVD
added 2022/02/17 2:15 a.m.15 views

CVE-2022-0622

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...

5.3CVSS0.00972EPSS
Exploits1References2
Prion
Prion
added 2022/02/17 2:15 a.m.10 views

Information disclosure

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...

5CVSS5.2AI score0.00972EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/02/17 2:5 a.m.19 views

CVE-2022-0622 Generation of Error Message Containing Sensitive Information in snipe/snipe-it

Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...

5.3CVSS5.5AI score0.00972EPSS
Exploits1References2
CVE
CVE
added 2022/02/17 2:5 a.m.121 views

CVE-2022-0622

Affected software: snipe-it (Packagist package snipe/snipe-it). Vulnerability: Generation of an error message containing sensitive information in Snipe-IT prior to version 5.3.11, leading to information exposure. Root cause/impact: The error handling path in the application reveals sensitive data...

5.3CVSS5.1AI score0.00972EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/10 11:6 p.m.76 views

Expression Language Injection in Netflix Conductor

Netflix Conductor uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being...

9.8CVSS8.9AI score0.02006EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2022/02/09 4:55 p.m.25 views

Information Disclosure

microweber is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization of the error message via the json.data...

6.5CVSS2.4AI score0.01151EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/02/09 12:0 a.m.27 views

GHSA-XXQ4-3742-3H28 Generation of Error Message Containing Sensitive Information in microweber

microweber version 1.2.10 and prior may generate an error message containing sensitive information...

6.5CVSS6.4AI score0.01151EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/02/09 12:0 a.m.28 views

Generation of Error Message Containing Sensitive Information in microweber

microweber version 1.2.10 and prior may generate an error message containing sensitive information...

6.5CVSS3AI score0.01151EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2022/02/08 9:15 a.m.20 views

CVE-2022-0504

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

6.5CVSS0.01151EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/02/08 9:15 a.m.5 views

CVE-2022-0504

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

6.5CVSS6.5AI score0.01151EPSS
Exploits1References3
Prion
Prion
added 2022/02/08 9:15 a.m.20 views

Information disclosure

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

4CVSS6.3AI score0.01151EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder