76 matches found
Denial of Service in @commercial/subtext
Version 5.1.1 of @commercial/subtext is vulnerable to Denial of Service. The Content-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to catching expecte...
Denial of Service in @hapi/accept
Versions of @hapi/accept prior to 3.2.4 or 5.0.1 are vulnerable to Denial of Service. The Accept-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to...
CVAD1912 - Wfica32 crash pointing to vdcdm30n.dll
When connecting from a client machine with CVAD 1912 LTSR installed, customers may notice that the ICA Connection stops at a White Screen with the message "Connecting". This problem is noticed with CWA 1911 and 1912 LTSR. Client side event logs indicate crash of wfica32 process. Log Name:...
CVE-2020-5217
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be injected leading to directive injection. This could be us...
Kartpay: Application Error disclosure, Verification token seen error and user able to change password
Summary: Application Error disclosure, Verification token seen error and user able to change password Browsers Verified In: Browser version: Google Chrome is up to date Version 75.0.3770.100 Official Build 64-bit Steps To Reproduce: add details for how we can reproduce the issue Steps to reproduc...
IBM Security Key Lifecycle Manager: All Security Bulletins
Summary This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...
Security Bulletin: IBM Security Guardium is affected by an Application Error vulnerability
Summary IBM Security Guardium has addressed the following vulnerability Vulnerability Details CVEID: Not Applicable DESCRIPTION: No CVE description. CVSS Base Score: 4.3 CVSS Temporal Score: See Not Applicable for the current score CVSS Environmental Score: Undefined CVSS Vector:...
Can't install App Layering Agent, "System.MissingMethodException"
The Citrix Agent install fails because the Agent won't start. Windows says there was a timeout waiting for the service, but in reality it immediately crashes with a .Net error in the Windows Application event log. Application Log events: Log Name: Application Source: Application Error Date:...
Security Bulletin: Multi-Cloud Data Encryption (MDE) is affected by an application error.
Summary Security Bulletin: Multi-Cloud Data Encryption (MDE) has addressed the following application error vulnerability. Vulnerability Details CVEID: CVE-2018-1591 DESCRIPTION: IBM Multi-Cloud Data Encryption (MDE) generates an error message that includes sensitive information about its environment,...
Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by an Application Error vulnerability
Summary IBM Security Guardium Big Data Intelligence (SonarG) has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1768 DESCRIPTION: IBM Security Guardium Big Data Intelligence (SonarG) generates an error message that includes sensitive information about its environment,...
Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Application Error (CVE-2017-1727)
Summary IBM Security Key Lifecycle Manager discloses sensitive information in error messages that could aid an attacker in further attacks against the system. Vulnerability Details CVEID: CVE-2017-1727 DESCRIPTION: IBM Tivoli Key Lifecycle Manager discloses sensitive information in error messages...
Security Bulletin: IBM Security Guardium is affected by Application Error vulnerability (CVE-2016-0242)
Summary IBM Security Guardium could disclose sensitive information about its environment, users, or associated data in the error message when an authenticated user produces errors. Vulnerability Details CVEID: CVE-2016-0242 DESCRIPTION: IBM Security Guardium could disclose sensitive information...
Unable to open PVS Console after upgrade to 7.17
Unable to open PVS Console after upgrade to PVS 7.17 with error An unhandled exception occurred and the application will exit. Please report the information below. Press Ctrl-C to copy the data to the clipboard. Method not found: '!!0 System.Array.Empty'. Stack Trace: at...
Serhat Sozluk 5 Cross Site Scripting
============================================================================ | Title : Serhat Sozluk v5 XSS Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 Français V.Pro | | Version : v5 | | Vendor : http://wmscripti.com | | Dork : n/a |...
Toplist 2 SQL Injection / Backdoor Account / Shell Upload
============================================================================ | Title : toplist v 2 Backdoor account Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 Français V.Pro | | Version : v 2 | | Vendor : http://wmscripti.com | | Dork :...
While Launching HDX Applications from Secure Hub WorkStore Getting an Error: "Unsupported file type......."
The HDX applications are enumerated in the Secure Hub store, but launching an application produces the error: "Unsupported file type : the provided ica file is malformed or otherwise invalid. Please ensure that the product you are using for launching is correct. Contact you administrator for...
Product update: Virtuozzo Automator 7 Update 1 Hotfix 1
The new packages for Virtuozzo Automator 7 introduce usability bug fixes for the management node. Vulnerability id: PVA-36679 Hardware nodes with VMs stayed offline after upgrading the management node from version 6 to 7. Vulnerability id: PVA-36677 The 'vaconfig' tool was not installed with...
Denial of Service attack (NC-SA-2017-004)
Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service...
Information disclosure
IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message...
CVE-2016-0242
IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message...