63 matches found
CVE-2025-10750
CVE-2025-10750 concerns the WordPress PowerBI Embed Reports plugin (
CVE-2025-62168
An information disclosure vulnerability has been identified in the Squid web caching proxy. This flaw occurs when the application fails to properly redact sensitive Hypertext Transfer Protocol (HTTP) authentication credentials from an error response. A remote client can exploit this by triggering an...
CVE-2025-62168
Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. The vulnerability allows a script to bypass browser security protections and learn the credentials a trusted client uses to...
CVE-2025-54392
Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189...
Netwrix Directory Manager security vulnerability
Netwrix Directory Manager is a group and user management software from Netwrix, Inc. A security vulnerability exists in Netwrix Directory Manager versions prior to 11.1.25162.02 that stems from a cross-site scripting vulnerability in authentication error data...
CVE-2011-2501
...
CVE-2025-30211 KEX init error results with excessive memory usage
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result in high memory usage. The implementation does not verify RFC-specified limits on algorithm names (64 characters) provided in K...
CVE-2024-58018 nvkm: correctly calculate the available space of the GSP cmdq buffer
In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer. r535_gsp_cmdq_push waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...
A vulnerability in the system software drivers for Intel Dynamic Tuning Technology (DTT) involves the disclosure of information in the erroneous data area, allowing an attacker to escalate their privileges.
The vulnerability in system software drivers related to Intel Dynamic Tuning Technology (DTT) involves the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to escalate their privileges...
CVE-2024-21866
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request...
The vulnerability of the check_univention_joinstatus component in the Univention Corporate Server operating system allows a hacker to increase their privileges.
The vulnerability of the check_univention_joinstatus component in the Univention Corporate Server operating system is related to the disclosure of information in the error-prone data area. Exploiting this vulnerability can allow attackers to increase their privileges...
A vulnerability in the Remote Procedure Call runtime of the Windows operating system allows attackers to disclose sensitive information that is protected by security measures.
The vulnerability of the Remote Procedure Call component in the Windows operating system is related to the disclosure of information in the error data field. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...
PT-2023-6248 · Huawei · HarmonyOS
Name of the Vulnerable Software and Affected Versions: HarmonyOS (affected versions not specified). Description: The issue is related to a broadcast permission control vulnerability in the Bluetooth module. Successful exploitation of this vulnerability can cause the Bluetooth function to be...
PT-2023-6244 · Huawei · HarmonyOS
Name of the Vulnerable Software and Affected Versions: HarmonyOS (affected versions not specified). Description: The issue is related to a vulnerability in the Bluetooth module of the HarmonyOS operating system, which is associated with information disclosure in an error data area. It may also invol...
The vulnerability of the XWiki platform, which involves exposing information in the wrong data area, allows a hacker to obtain the email addresses of all users.
The vulnerability of the XWiki Platform lies in the exposure of information in the error data area. Exploiting this vulnerability could allow a malicious actor to obtain the email addresses of all users...
PT-2023-8490 · XWiki · XWiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.5-milestone-1 through 14.10.8; XWiki Platform versions 15.3-rc-1 and earlier. Description: The issue is related to the disclosure of information in the error data area of the XWiki Platform, specifically in the...
PT-2023-2839 · 3S Smart Software Solutions · Codesys
Name of the Vulnerable Software and Affected Versions: Codesys (affected versions not specified). Description: The issue is related to the disclosure of information in an error data area, potentially allowing a remote attacker to impact data integrity. Recommendations: At the moment, there ...