HCL BigFix Service Management security vulnerability
HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management (SM) has a security vulnerability. This vulnerability stems from improper error handling in the reporting module. When invalid or out-of-range...
CVE-2025-68139
EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for terminate_connection_on_failed_response is False, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the modul...
Node.js security vulnerabilities
Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There are security vulnerabilities in Node.js, which stem from unhandled TLSSocket errors when processing malformed HTTP/2 HEADERS frames. These vulnerabilities can lead to process crashes...
CVE-2025-0158
IBM EntireX 11.1 is affected by CVE-2025-0158, which could allow a local user to cause a denial of service due to an unhandled error and faulty isolation. The issue is documented in IBM Security Bulletin noting CWE-248 (Uncaught Exception) and a CVSS base of 5.5 (Medium) from IBM’s assessment. Pu...
PT-2025-5871 · Ibm · Ibm Entirex
Name of the Vulnerable Software and Affected Versions: IBM EntireX version 11.1 Description: The issue could allow a local user to cause a denial of service due to an unhandled error and fault isolation. Recommendations: For IBM EntireX version 11.1, at the moment, there is no information about a...
IBM EntireX security vulnerability
IBM EntireX is a versatile middleware solution from International Business Machines (IBM) designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX version 11.1 that stems from the presence of unhandled...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the netfs_read_to_pagecache function not properly decreasing the ->nr_outstanding count when handling errors,...
PT-2025-1092 · Ibm · Ibm Engineering Lifecycle Optimization - Publishing
Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 through 7.0.3 Description: The issue is related to the implementation of TLS and SSL protocols in the software, which is associated with inadequate access control. Exploitatio...
Information Disclosure
jupyter_server is vulnerable to Information Disclosure. An information disclosure flaw exists due to unhandled errors in API requests. While not directly allowing unauthorized access, these errors may leak sensitive path information in responses, potentially revealing sensitive server details to...
CVE-2023-49080
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback information, which can include path information...
Design/Logic Flaw
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback information, which can include path information...
CVE-2023-5516
Poorly constructed web app requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical detai...
Design/Logic Flaw
Poorly constructed web app requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical detai...
CVE-2023-5516
CVE-2023-5516 is associated with Hitachi Energy eSOMS. The EU/ICS and CVE entries describe a vulnerability where poorly constructed web requests and URI components disclose sensitive information (internal paths, endpoints, server details) via web responses. Affected product: eSOMS (v6.3.13 and pr...
vm2 security vulnerability
vm2 is an advanced virtual machine/sandbox for Node.js, by individual developer Patrik Simek in the Czech Republic, that runs untrusted code using whitelisted Node built-in modules. A security vulnerability exists in vm2 versions prior to 3.9.15 that stems from vm2 not properly handling passed host...
Integer underflow in untrusted
A mistake in error handling in untrusted before 0.6.2 could lead to an integer underflow and panic if a user of the crate didn't properly check for errors returned by untrusted. The combination of these two programming errors (one in untrusted and another by the user of this crate) could lead to a panic an...
CVE-2013-0152
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled...