30 matches found
CVE-2025-1395
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...
CVE-2025-1395 Sensitive Data Exposure in CoDeriApp's HeyGarson
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...
EUVD-2025-206579
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...
CVE-2025-1395
The CVE-2025-1395 entry describes a vulnerability in Codriapp Innovation and Software Technologies Inc.’s HeyGarson where error messages may expose sensitive information. The issue is triggered by fuzzing for application mapping and affects HeyGarson up to 30012026. The available connected docume...
CVE-2025-1395
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...
PT-2026-5385
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted early about this disclosure but did not...
Codriapp HeyGarson security vulnerability
Codriapp HeyGarson is a digital ordering and management platform developed by Codriapp. Versions of Codriapp HeyGarson dated before January 30, 2026, have security vulnerabilities. These vulnerabilities stem from error messages containing sensitive information, which may lead to application mappi...
CVE-2026-22646
Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...
EUVD-2022-2061
Malicious code in bioql PyPI...
CVE-2025-0049
When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0...
CVE-2025-0049
When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0...
CVE-2025-0049
CVE-2025-0049 affects Fortra GoAnywhere before version 7.8.0. The vulnerability stems from an error message returned when a web user without Create permission on subfolders uploads a file to a non-existent directory; the message may expose the absolute server path, which could enable fuzzing for ...
CVE-2025-0049 Disclosure of sensitive information in an error message in GoAnywhere prior to version 7.8.0
When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0...
undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass...
IBM Tivoli Application Dependency Discovery Manager Cross-Site Scripting Vulnerability (CNVD-2024-07605)
IBM Tivoli Application Dependency Discovery Manager TADDM is a product in the suite of IT service management solutions from International Business Machines IBM. The product provides robust automated application mapping and discovery to help administrators understand the structure, state,...
IBM Tivoli Application Dependency Discovery Manager Elevation of Privilege Vulnerability
IBM Tivoli Application Dependency Discovery Manager TADDM is a product in the suite of IT service management solutions from International Business Machines IBM. The product provides robust automated application mapping and discovery to help administrators understand the structure, state,...
undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass...
undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass...
undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass...
undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass...