Lucene search
K

287 matches found

Veracode
Veracode
added 5 days ago7 views

Sensitive Information Exposure

Apache Camel Undertow Component is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception responses, where processing errors return full Java stack traces instead of suppressing them, allowing attackers to obtain sensitive information such as...

5.3CVSS5.9AI score0.00363EPSS
Exploits0References4Affected Software2
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-49365

A flaw was found in the Apache Camel Netty HTTP component. An unauthenticated remote attacker can exploit this vulnerability by sending a malformed request that triggers an exception during route processing. Due to a misconfiguration where muteException is set to false by default, the system...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-56139

A flaw was found in the Apache Camel Undertow component. The camel-undertow HTTP server consumer, when processing errors, could return full Java stack traces in HTTP responses. This occurs because the muteException option, which controls what is returned to the client during errors, defaulted to...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References4
NVD
NVD
added 2026/07/06 9:16 a.m.8 views

CVE-2026-56139

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

5.3CVSS0.00363EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:15 a.m.32 views

CVE-2026-56139 Apache Camel Undertow: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

0.00363EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:11 a.m.9 views

EUVD-2026-41846

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.8AI score0.00363EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from type confusion during the processing of SSO token extensions. As a result, some stack trace...

4.3CVSS5.8AI score0.00179EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS5.5AI score0.00166EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 7:36 a.m.13 views

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:36 p.m.6 views

CVE-2026-44226

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 4:36 p.m.8 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/11 4:36 p.m.51 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS0.00336EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained security vulnerabilities. These vulnerabilities stemmed from the WebUI returning complete Python trace details when exceptions were not handled properly. This could allow...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/07 5:29 p.m.9 views

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.24 views

PT-2026-38393

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description The CallSite wrapper class, designed as a safe wrapper for V8's native CallSite, fails to sanitize the output of the getFileName function. While the class blocks getThis and getFunction to prevent host...

5.8CVSS5.9AI score0.00241EPSS
Exploits1References7
OSV
OSV
added 2026/05/06 9:39 p.m.9 views

GHSA-QRCH-52M5-VV85 Flight vulnerable to sensitive information disclosure via default error handler

Summary The default error handler Engine::error writes the full exception message, exception code, and stack trace including absolute filesystem paths directly into the HTTP 500 response, with no debug gating. Production deployments leak internal paths, any secret interpolated into an exception...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/06 5:54 p.m.10 views

Information Exposure

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Information Exposure via the global exception handling process in the WebUI. An attacker can obtain sensitive internal implementation details, such as stack...

6.9CVSS5.8AI score0.00336EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2025-209665

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS5.9AI score0.00166EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 11:16 a.m.11 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS0.00166EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 10:26 a.m.38 views

CVE-2025-59853 HCL DFXAnalytics is affected by an Improper Error Handling vulnerability

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS0.00166EPSS
Exploits0References1
Rows per page
Query Builder