vm2 setup-sandbox.js violates Defense Invariant #11 in stack-trace formatter

Summary defaultSandboxPrepareStackTrace in lib/setup-sandbox.js lines 605, 607 appends to a fresh sandbox-realm lines = via lineslines.length = value. This is the exact invariant-violating pattern that GHSA-9qj6-qjgg-37qq commit ca195f0, 2026-05-01 just patched in neutralizeArraySpeciesBatch and...

EUVD-2022-2446

Malicious code in bioql PyPI...

EUVD-2023-1101

Malicious code in bioql PyPI...

CVE-2024-56663 wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211ATTRMLOLINKID off-by-one Since the netlink attribute range validation provides inclusive checking, the max of attribute NL80211ATTRMLOLINKID should be IEEE80211MLDMAXNUMLINKS - 1 otherwise causing an...

Azure MCS catalog update fails with FailedToStartImagePreparationVm - CreateUpdateVm-1 timed out

Unable to update a machine catalog for an Azure hosted MCS deployment. The MCS process fails early about 15% into the update The error message shows "Error - Terminated", and the action name is "MCUpdateMachineCatalog" The full stack trace is similar to this : TerminatedStack Trace: at...

CVE-2023-27904

A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers...

CVE-2023-27904

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers...

CVE-2023-27904

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers...

CVE-2023-27904

CVE-2023-27904 is active in Jenkins/Jenkins-2-plugins deployments per multiple security advisories (RHSA) and Nessus findings. The issue is information disclosure: when agent connections fail, error stack traces may reveal Jenkins configuration details to an attacker. Affected environments includ...

Diavante vue-storefront-api and storefront-api disclose stack trace

In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...

CVE-2020-11883

In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...

CVE-2020-11883

In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names...

CVE-2017-7683

Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure...

Whisper: Error stack trace

Open wid param broken http://prod.whisper.sh/whispers/replies?uid=050e3617a744474140874730dbe5055367c5c5&wid=04d27d987de7f897580096b099815691cd4a89%27%22&sme=false and got error stack trace...

Enter: Error stack trace

Make request removed csrf token in POST data POST /settings HTTP/1.1 Host: wallet.robocoin.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:34.0 Gecko/20100101 Firefox/34.0 Accept: / Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Content-Type:...