PT-2026-39725

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiar docfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential attacker in mapping th...

Generation of Error Message Containing Sensitive Information

Overview Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information due to the raw message of every server-side AuthenticationException being returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker...

AZL-75449 CVE-2025-11065 affecting package kubevirt 1.6.3-3

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

PT-2026-3934

Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database. The vulnerability allows attacker without read access to a property to infer information about its value by trying t...

CVE-2005-1650

The web mail service in Woppoware PostMaster 4.2.2 build 3.2.5 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...

EUVD-2008-7171

Malware in sbrugna...

EUVD-2007-5744

Malware in sbrugna...

EUVD-2006-6982

Malware in sbrugna...

EUVD-2005-2437

Malware in sbrugna...

EUVD-2022-30638

Malicious code in bioql PyPI...

The vulnerability of the IBM Guardium Data Protection platform regarding data security, related to the leakage of information in error messages, allows attackers to disclose protected information.

The vulnerability of the IBM Guardium Data Protection platform relates to the leakage of information in error messages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

CVE-2022-0504

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...

CLSA-2025-1747431041 Fix CVE(s): CVE-2024-10976, CVE-2024-10977

SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976...

IBM EntireX 安全漏洞

IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX version 11.1 that originates from the return of a Detail...

PT-2025-2430 · Ibm · Ibm Analytics Content Hub

Name of the Vulnerable Software and Affected Versions: IBM Analytics Content Hub version 2.0 Description: The issue is related to the mechanism of forming error reports in IBM Analytics Content Hub, which could allow a remote attacker to obtain sensitive information when a detailed technical erro...

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Important: postgresql

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

Important: postgresql15

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

Generation of Error Message Containing Sensitive Information

Overview Umbraco.Cms.Web.Common is a package containing the web assembly needed to run Umbraco CMS. Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information. An attacker can obtain stack trace information that may include sensitive data by...

The vulnerability of the IBM InfoSphere Information Server software platform, related to the leakage of information in error messages, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IBM InfoSphere Information Server software platform is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...