1179 matches found
Secret logging may occur in debug mode of Atlas Operator
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. This issue affects MongoDB Atlas Kubernetes Operator versions: 1.5.0, 1.6.0, 1.6.1, 1.7.0. Please note that thi...
CVE-2023-0436 Secret logging may occur in debug mode of Atlas Operator
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. This issue affects MongoDB Atlas Kubernetes Operator versions: 1.5.0, 1.6.0, 1.6.1, 1.7.0. Please note that thi...
Mars: Information Exposure due to enabled debug mode
The server was found to be exposing system information to unauthenticated users due to the enabled debug mode. The disclosed information included details about the technologies and versions being used in the production system, such as the Python version, Django version, and the database driver in...
SUSE CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
MTN Group: Information disclosure via enabled Django Debug Mode
The Django Debug Mode was enabled, which resulted in the disclosure of error messages, API endpoints, and the ability to register arbitrary user accounts and enumerate email addresses of registered users...
Oracle Linux 7 : docker-engine (ELSA-2019-4813)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4813 advisory. 18.09.8-1.0.4 - Modified version to include ol suffix 18.09.8-1.0.3 - ol7 image related changes 18.09.8-1.0.2 - Merge upstream for CVE fixes. Tenable h...
CVE-2023-2309
The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability...
CVE-2023-2309 wpForo Forum < 2.1.9 - Reflected Cross-Site Scripting
The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability...
WordPress Plugin wpForo Forum Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-18841 · WordPress · Wpforo Forum
Name of the Vulnerable Software and Affected Versions: wpForo Forum WordPress plugin versions prior to 2.1.9 Description: The issue is related to a Reflected Cross-Site Scripting vulnerability. It occurs because the plugin does not escape some request parameters while in debug mode...
CVE-2023-33848
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104...
CVE-2023-33848
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104...
Code injection
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104...
CVE-2023-33848 IBM CICS TX information disclosure
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104...
CVE-2023-33848
The CVE-2023-33848 issue affects IBM TXSeries for Multiplatforms (versions 8.1–9.1) and IBM CICS TX products, where enabling debug mode can let a privileged user obtain highly sensitive information. Affected components include IBM TXSeries for Multiplatforms and CICS TX Standard/Advanced (Standar...
IBM CICS TX Security Vulnerability
IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines (IBM). A security vulnerability exists in IBM CICS TX Standard version 11.1, CICS TX Advanced versions 10.1 and 11.1, and IBM TXSeries for Multiplatforms versions 8.1, 8.2, and 9.1, which stems from a...
Security Bulletin: "Administration Console can be switched to debug mode" may affect IBM TXSeries for Multiplatforms
Summary "Administration Console can be switched to debug mode" may affect IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the applicable CVE and the fix has been provided as special fix uploaded in IBM Fix Central. Vulnerability Details CVEID:CVE-2023-33848...
Security Bulletin: "Administration Console can be switched to debug mode" may affect IBM CICS TX Advanced
Summary "Administration Console can be switched to debug mode" may affect IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-33848 DESCRIPTION: IBM CICS TX could allow a privileged user to obtain highly sensitive information by enabli...
Security Bulletin: "Administration Console can be switched to debug mode" may affect IBM CICS TX Standard
Summary "Administration Console can be switched to debug mode" may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-33848 DESCRIPTION: IBM CICS TX could allow a privileged user to obtain highly sensitive information by enabli...
Path Traversal
pimcore/pimcore is vulnerable to Path Traversal. The vulnerability exists because it does not properly validate the pimcorelog parameter in Pimcore.php which allows an attacker to overwrite or modify sensitive files in the system. This vulnerability is only applicable if pimcore is running on a...