Lucene search
K

27 matches found

OSV
OSV
added 2022/06/02 6:5 p.m.29 views

CVE-2022-31023 Dev error stack trace leaking into prod in Play Framework

Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...

5.9CVSS7.6AI score0.01233EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.4 views

PT-2021-6600 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.2 and later Description: A verbose error message in GitLab EE could disclose the private email address of a user invited to a group. This issue affects all versions since 12.2 and allows a remote attacker to access...

4.3CVSS4.2AI score0.00974EPSS
Exploits0References16
OSV
OSV
added 2021/07/13 11:15 a.m.5 views

CVE-2021-33711

A vulnerability has been identified in Teamcenter Active Workspace V4 All versions V4.3.9, Teamcenter Active Workspace V5.0 All versions V5.0.7, Teamcenter Active Workspace V5.1 All versions V5.1.4. The affected application allows verbose error messages which allow leaking of sensitive informatio...

5.3CVSS5.7AI score0.00793EPSS
Exploits0References1
OSV
OSV
added 2021/05/16 4:15 p.m.3 views

CVE-2021-29040

The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 20 and 7.2 before fix pack 10 may provide overly verbose error messages, which allows remote attackers to use the contents of error messages to help launch another, more focused...

5.3CVSS5.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/08/24 12:0 p.m.50 views

APIs Are the Next Frontier in Cybercrime

Application Programming Interface API usage has exploded, and cybercriminals are increasingly taking advantage of API security flaws to commit fraud and steal data. APIs, which are used to create connections between software programs and perform integrations, make everything a bit easier — from...

0.6AI score
Exploits0References1
OSV
OSV
added 2016/12/08 8:59 a.m.2 views

UBUNTU-CVE-2016-9839

In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails...

7.5CVSS5.8AI score0.01501EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2016/12/08 12:0 a.m.6 views

PT-2016-7839 · Mapserver · Mapserver

Name of the Vulnerable Software and Affected Versions: MapServer versions prior to 7.0.3 Description: The issue is related to the OGR driver in MapServer, where error messages are too verbose. This verbosity may lead to the leakage of sensitive information if a data connection fails...

7.5CVSS7.1AI score0.01501EPSS
Exploits0References10
Rows per page
Query Builder