Webmin Usermin Security Vulnerability
Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail, and more. A security vulnerability exists in Webmin Usermin version 2.100, which stems from a discrepancy in the error message for the presence of an invalid login attempt,...
"An Account is not Configured" Displayed On Startup when AllowAddStore is set to N in Registry
Citrix Workspace app for Windows is being configured via command line arguments and then launched programmatically. The following error is displayed: An Account is not Configured. Please contact your administrator...
Information Exposure Through An Error Message
org.jenkins-ci.main:jenkins-core is vulnerable to Information Exposure Through an Error Message. The vulnerability is due to improper redaction of multi-line secret values in error messages generated from form submissions involving the secretTextarea form field...
Fedora 40 : php (2024-2b429e720e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2b429e720e advisory. PHP version 8.3.12 26 Sep 2024 CGI: Fixed bug GHSA-p99j-rfp4-xqvq Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8926 nielsdos...
Citrix Cloud with Okta SAML IDP initiated login doesn't work
Citrix Cloud SAML initiated login doesn't work; the following error is thrown: "Unable to Process Your Request". Everything is successful if we use SP initiated log in...
CVE-2024-46751
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON when 0 reference count at btrfs_lookup_extent_info. Instead of doing a BUG_ON handle the error by returning -EUCLEAN, aborting the transaction and logging an error message...
CVE-2024-46751
CVE-2024-46751 affects the Linux kernel's BTRFS path btrfs_lookup_extent_info(), where a 0 reference count could trigger a BUG_ON(). The fix replaces BUG_ON() with returning -EUCLEAN, aborting the transaction, and logging an error. This is documented in Debian/Ubuntu advisories and included in pa...
CVE-2024-5435 Generation of Error Message Containing Sensitive Information in GitLab
An issue has been discovered in GitLab EE/CE affecting all versions starting from 15.10 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2 will disclose user password from repository mirror configuration...
CVE-2024-8571
A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...
CVE-2024-8571 erjemin roll_cms views.py information exposure
A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...
RollCMS Security Vulnerability
RollCMS is a content management system by Sergei Erjemin Personal Developer. A security vulnerability exists in RollCMS 1484fe2c4e0805946a7bcf46218509fcb34883a9 and prior versions, which stems from mishandling of an unknown section in the rollcms/rollcms/views.py file, resulting in the disclosure...
Varnish Cache CLI File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/tcp/client' require 'metasploit/framework/varnish/client' class MetasploitModule 'Varnish Cache CLI File Read', 'Description' = 'This modul...
gitoxide-core does not neutralize special characters for terminals
Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...
CVE-2023-52912
CVE-2023-52912 relates to the Linux kernel’s DRM amdgpu subsystem. The issue arises during unloading of amdgpu where a bug in drm_buddy_free_block can trigger a kernel BUG and invalid opcode, as shown in the stack trace and kernel log snippet. The impact is a potentially local disruption of a sys...
CVE-2023-52912 drm/amdgpu: Fixed bug on error when unloading amdgpu
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu. Fixed bug on error when unloading amdgpu. The error message is as follows: 377.706202 kernel BUG at drivers/gpu/drm/drm_buddy.c:278! 377.706215 invalid opcode: 0000 1 PREEMPT SM...
CVE-2022-48889 ASoC: Intel: sof-nau8825: fix module alias overflow
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof-nau8825: fix module alias overflow. The maximum name length for a platform_device_id entry is 20 characters including the trailing NUL byte. The sof_nau8825.c file exceeds that, which causes an obscure error message:...
Generation of Error Message Containing Sensitive Information
Overview Umbraco.Cms.Web.Common is a package containing the web assembly needed to run Umbraco CMS. Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information. An attacker can obtain stack trace information that may include sensitive data by...
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
Impact Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. Explanation of the vulnerability Management API endpoints leaked stack traces in case of Internal server errors, no matter if the debug setting was disabled. E.g. when paging wi...
GHSA-77GJ-CRHP-3GVX Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
Impact Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. Explanation of the vulnerability Management API endpoints leaked stack traces in case of Internal server errors, no matter if the debug setting was disabled. E.g. when paging wi...