
3856 matches found

Vulnrichment
added 2025/02/04 8:37 p.m. · 6 views

CVE-2024-45658 IBM Security Verify Access information disclosure

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system...

2.7 CVSS · 3.2 AI score · 0.00398 EPSS
Exploits 0 · References 1
SUSE Linux
added 2025/02/03 5:6 p.m. · 1 views

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

7 CVSS · 7.4 AI score · 0.00379 EPSS
Exploits 0 · References 4
OSV
added 2025/02/03 8:57 a.m. · 1 views

SUSE-SU-2025:20060-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184...

7 CVSS · 7.6 AI score · 0.00379 EPSS
Exploits 0 · References 3
IBM Security Bulletins
added 2025/01/28 10:8 p.m. · 18 views

Security Bulletin: IBM MQ Console is affected by a password disclosure vulnerability (CVE-2024-52897)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID:CVE-2024-52897 DESCRIPTION: IBM MQ web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. CWE:CWE-209:...

6.2 CVSS · 6.3 AI score · 0.00205 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2025/01/28 10:8 p.m. · 21 views

Security Bulletin: IBM MQ Console is affected by a password disclosure vulnerability (CVE-2024-52898)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID:CVE-2024-52898 DESCRIPTION: IBM MQ web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. CWE:CWE-209:...

6.2 CVSS · 6.1 AI score · 0.00172 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2025/01/28 10:8 p.m. · 19 views

Security Bulletin: IBM MQ Console is affected by a password disclosure vulnerability (CVE-2024-52896)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID:CVE-2024-52896 DESCRIPTION: IBM MQ web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. CWE:CWE-209:...

6.2 CVSS · 6.3 AI score · 0.0027 EPSS
Exploits 0 · Affected Software 1
Veracode
added 2025/01/28 6:2 a.m. · 2 views

Reflected Cross Site Scripting (XSS)

silverstripe/framework is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper handling of error messages, which allows execution of a malicious payload included in a URL when the website is set to the "dev" environment mode...

6.5 AI score
Exploits 0
NVD
added 2025/01/25 2:15 p.m. · 15 views

CVE-2024-35134

IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3 CVSS · 0.00345 EPSS
Exploits 0 · References 1
NVD
added 2025/01/25 2:15 p.m. · 13 views

CVE-2024-35111

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3 CVSS · 0.0033 EPSS
Exploits 0 · References 1
Cvelist
added 2025/01/25 2:5 p.m. · 18 views

CVE-2024-35134 IBM Analytics Content Hub information disclosure

IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3 CVSS · 0.00345 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/01/25 1:29 p.m. · 9 views

CVE-2024-35111 IBM Control Center information disclosure

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3 CVSS · 4.3 AI score · 0.0033 EPSS
Exploits 0 · References 1
CNNVD
added 2025/01/25 12:0 a.m. · 5 views

IBM Control Center Security Vulnerability

IBM Control Center is a centralized monitoring and management system from International Business Machines (IBM). A security vulnerability exists in IBM Control Center versions 6.2.1 and 6.3.1. An attacker could exploit the vulnerability to obtain sensitive information when a browser returns a...

4.3 CVSS · 6 AI score · 0.0033 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/01/25 12:0 a.m. · 3 views

PT-2025-2430 · Ibm · Ibm Analytics Content Hub

Name of the Vulnerable Software and Affected Versions: IBM Analytics Content Hub version 2.0 Description: The issue is related to the mechanism of forming error reports in IBM Analytics Content Hub, which could allow a remote attacker to obtain sensitive information when a detailed technical erro...

5.3 CVSS · 6.2 AI score · 0.00345 EPSS
Exploits 0 · References 7
NVD
added 2025/01/24 6:15 p.m. · 5 views

CVE-2025-24552

Generation of Error Message Containing Sensitive Information vulnerability in paytiumsupport Paytium paytium allows Retrieve Embedded Sensitive Data. This issue affects Paytium: from n/a through = 4.4.11...

5.3 CVSS · 0.00472 EPSS
Exploits 0 · References 1
Github Security Blog
added 2025/01/23 6:1 p.m. · 8 views

Reflected Cross Site Scripting (XSS) in error message

If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message...

6.1 AI score
Exploits 0 · References 3 · Affected Software 1
OSV
added 2025/01/23 6:1 p.m. · 5 views

GHSA-74J9-XHQR-6QV3 Reflected Cross Site Scripting (XSS) in error message

If a website has been set to the "dev" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message...

6.1 AI score
Exploits 0 · References 3
Positive Technologies
added 2025/01/23 12:0 a.m. · 2 views

PT-2025-5632 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue occurs when a website is set to the "dev" environment mode. In this mode, if a URL containing an XSS payload is provided, the payload will be executed in the resulting error...

6.1 AI score
Exploits 0 · References 4
BDU FSTEC
added 2025/01/20 12:0 a.m. · 2 views

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3 CVSS · 5.4 AI score · 0.00325 EPSS
Exploits 0 · References 4
Veracode
added 2025/01/17 6:37 a.m. · 4 views

Reflected Cross-Site Scripting (Reflected XSS)

silverstripe/framework is vulnerable to Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to the "dev" environment mode improperly rendering error messages, allowing an attacker to execute XSS payloads by providing a malicious URL...

5.8 AI score
Exploits 0
NVD
added 2025/01/15 6:15 p.m. · 10 views

CVE-2024-52005

Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the...

8.8 CVSS · 0.00473 EPSS
Exploits 1 · References 2