1181 matches found
PYSEC-2026-505 Injection vulnerability that affects ironic-discoverd
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-45728
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
Cross-site Scripting (XSS)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS via the pagetitle parameter in the WebSocket connection URL, which is broadcast to all connected clients without proper validation or...
CVE-2026-45040 RustFS: Sensitive Information Leakage (SessionToken and SecretAccessKey) in RustFS Logs [Debug Mode]
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUSTLOG=debug sensitive credentials including SessionToken JWT, SecretAccessKey, and full JWT claims are printed in...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
EUVD-2026-32501
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-8405
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-8405
The vulnerability CVE-2026-8405 affects IBM Guardium Data Protection (Guardium Data Protection add-on) with the Long Term Retention (LTR) feature, where sensitive credentials can be exposed in debug mode. Affected versions are 12.2.1 and 12.2.2; the issue is described as CWE-200 (Exposure of Sens...
CVE-2026-8405 IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
PT-2026-43990
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
IBM Guardium Data Protection 信息泄露漏洞
IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines IBM. Versions 12.2.1 and 12.2.2 of IBM Guardium Data Protection contain information leakage vulnerabilities. These vulnerabilities stem from the Long Term...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the debugMode process. An attacker can obtain sensitive server-side source code and file contents by provoking a runtime error in a served script. Remediation Upgrade github.com/xyproto/algernon/engine to versio...
CVE-2026-45728
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
EUVD-2026-31868
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
CVE-2026-45728
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...
CVE-2026-45728
CVE-2026-45728 (Algernon) exposes server-side source on error when running in single-file mode. Prior to 1.17.7, invoking Algernon with a file path (not a dir) forces singleFileMode, which enables debugMode and renders PrettyError pages that reveal the absolute path and full contents of the error...
Security Bulletin: IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability (CVE-2026-8405)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2026-8405 DESCRIPTION: IBM Guardium Data Protection's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...