279 matches found
Xibo 安全漏洞
Xibo is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo versions prior to 3.0.0 through 3.3.5, which originates from a stack trace being printed when called with missing or invalid parameters, which can be exploited by an attacker to vie...
Jenkins: Information disclosure through error stack traces related to agents
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...
Jenkins: Information disclosure through error stack traces related to agents
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Jenkins: Information disclosure through error stack traces related to agents
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...
Jenkins: Information disclosure through error stack traces related to agents
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...
Security Bulletin: Improper Error Handling
Summary Improper handling of errors can introduce a variety of security problems for a web site. The mostcommon problem is when detailed internal error messages such as stack traces, database dumps. Vulnerability Details CVEID:CVE-2022-34333 DESCRIPTION: IBM Sterling Order Management does not...
Information disclosure through error stack traces related to agents
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and prior to LTS 2.387.1 prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers. Jenkins 2.394, LTS 2.375.4,...
GHSA-RRGP-C2W8-6VG6 Information disclosure through error stack traces related to agents
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and prior to LTS 2.387.1 prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers. Jenkins 2.394, LTS 2.375.4,...
Jenkins 安全漏洞
Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project. A security vulnerability exists in Jenkins version 2.393 and earlier, LTS version 2.375.3 and earlier, which stems from ...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.8 Multiple Vulnerabilities (CloudBees Security Advisory 2023-03-08)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.8. It is, therefore, affected by multiple vulnerabilities including the following: - DoS vulnerability in bundled Apache Commons FileUpload library CVE-2023-24998,...
CVE-2022-35715
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202...
IBM InfoSphere Information Server 安全漏洞
IBM InfoSphere Information Server is a data integration platform from IBM Corporation. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server version 11.7 has a security vulnerability that stems from the return of detailed technical...
GHSA-C2J7-66M3-R4FF JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization
Impact When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This vulnerability does NOT impact...
JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization
Impact When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This vulnerability does NOT impact...
Information Disclosure
dspace-jspui is vulnerable to information disclosure. The vulnerability exists because the doGet function of InternalErrorServlet.java does not properly sanitize the internal system error exceptions and stack traces, allowing an attacker to gain sensitive information through the exceptions and...
Dspace 安全漏洞
Dspace is an open source turnkey repository application from the DuraSpace community. A security vulnerability exists in DSpace versions prior to 6.4, which stems from the fact that when an "internal system error" occurs in dspace-jspui, the entire exception including the stack trace is available...
CVE-2022-22373
An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323...
Input validation
An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323...
PT-2022-15398 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to improper validation, which may allow the creation of directories and files on the server file system. These files may contain non-sensitive debugging...