179 matches found
EUVD-2011-2662
Malware in sbrugna...
EUVD-2019-8033
Malware in sbrugna...
EUVD-2007-4825
Malware in sbrugna...
EUVD-2021-14515
Malware in sbrugna...
EUVD-2024-37266
Malicious code in bioql PyPI...
EUVD-2023-51739
Malicious code in bioql PyPI...
EUVD-2023-29836
Malicious code in bioql PyPI...
EUVD-2024-36383
Malicious code in bioql PyPI...
EUVD-2021-28307
Malicious code in bioql PyPI...
EUVD-2024-54412
Malicious code in bioql PyPI...
External Control of File Name or Path
Overview ServiceStack.Text is a set of JSON, JSV and CSV text serializers Affected versions of this package are vulnerable to External Control of File Name or Path in the url parameter to the GetErrorResponse method. An attacker can relay NTLM credentials in the context of the current user by...
CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
ServiceStack 输入验证错误漏洞
ServiceStack is an API for building high-performance web services from ServiceStack, Inc. An input validation error vulnerability exists in ServiceStack that stems from the GetErrorResponse method not properly validating user input, which could lead to an NTLM credential relay attack...
CVE-2024-38322
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...
CVE-2021-41271
Discourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. This issue is patched in the latest stable, beta and tests-passed...
CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions
This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...
Information Disclosure
api-platform/core is vulnerable to Information disclosure. The vulnerability is due to improper handling of exception messages, where non-HTTP exceptions are not sanitized and are directly included in the JSON error response, allows potentially sensitive internal information to be exposed to...
CVE-2023-47639
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...
CVE-2023-47639
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...
CVE-2023-47639 API Platform Core can leak exceptions message that may contain sensitive information
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5...