CVE-2024-28765

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

EUVD-2024-55599

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-28765 Security vulnerability was found in IBM Security Directory Integrator

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

Astra Linux - уязвимость в packagekit

PackageKit provided detailed error messages to unprivileged callers who were exposed to information about the presence of files and their mimetypes. This information was difficult for those callers to determine on their own...

SUSE CVE-2026-33167

Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception message could inject arbitrary HTML and JavaScript into the page,...

AZL-75579 CVE-2025-11065 affecting package terraform for versions less than 1.3.2-29

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

IBM Security Verify Governance Identity Manager 安全漏洞

IBM Security Verify Governance Identity Manager is IBM's identity governance and management solution for centralized management of enterprise user identities and access rights. An information disclosure vulnerability exists in IBM Security Verify Governance Identity Manager 10.0.2, which stems fr...

SUSE CVE-2025-37990

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmfusbdlwriteimage The function brcmfusbdlwriteimage calls the function brcmfusbdlcmd but dose not check its return value. The 'state.state' and the 'state.bytes' are uninitialized ...

IBM InfoSphere Information Server 安全漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

SUSE CVE-2024-47401

Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1 and 9.5.x = 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by...

IBM Security Verify Access 安全漏洞

IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. A security vulnerability exists in the IBM Security Verify Access Appliance, which stems from a vulnerability that could allow a remote attacker to gain access to sensitive...

PT-2025-2430 · Ibm · Ibm Analytics Content Hub

Name of the Vulnerable Software and Affected Versions: IBM Analytics Content Hub version 2.0 Description: The issue is related to the mechanism of forming error reports in IBM Analytics Content Hub, which could allow a remote attacker to obtain sensitive information when a detailed technical erro...

CVE-2024-52898

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned...

CVE-2021-20455

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

PT-2024-28651 · Ibm · Ibm Engineering Lifecycle Optimization - Engineering Insights

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 and 7.0.3 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

PT-2024-34638 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further...

PT-2024-6129 · Ibm · Ibm Qradar Suite +1

Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite Software versions 1.10.12.0 through 1.10.22.0 IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 Description: The issue is related to weaknesses in the error reporting mechanism of IBM QRadar Suite and IBM Cloud P...

PT-2024-5093 · Ibm · Ibm Datacap Navigator

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the error reporting mechanism in IBM Datacap Navigator, which could allow a remote attacker to obtain sensitive information when a detailed technical erro...

CVE-2024-35156

IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766...

CVE-2024-35155

IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292765...