Sensitive Information Disclosure
IBM MQ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a detailed technical error message being returned in the browser. The attacker can use this information in further attacks against the system...
CVE-2023-50953 IBM InfoSphere Information Server information disclosure
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. IBM X-Force ID: 275775...
CVE-2023-50953
CVE-2023-50953 is an information-disclosure vulnerability in IBM InfoSphere Information Server 11.7 caused by improper error handling. When a detailed technical error message is returned, a remote attacker could obtain sensitive information that could assist in further attacks. Affected product/ve...
PT-2024-4824 · IBM · IBM InfoSphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7. Description: The issue is related to a potential information leak in error messages. It may allow a remote attacker to obtain sensitive information when a detailed technical error message is...
CVE-2024-35156
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766...
CVE-2024-35155
IBM MQ Console 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292765...
CVE-2024-35156 IBM MQ information disclosure
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766...
CVE-2024-35155
The CVE-2024-35155 entry affects IBM MQ Console versions 9.3 LTS and 9.3 CD. The issue is an information disclosure vulnerability where a detailed technical error message returned in the browser could reveal sensitive information, which an attacker could use to inform further attacks. The vulnera...
IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158059)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158059 advisory. - IBM MQ Console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...
CVE-2024-38552
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer...
CVE-2024-38552 drm/amd/display: Fix potential index out of bounds in color transformation function
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer...
CVE-2024-38552
The CVE-2024-38552 issue affects the Linux kernel DRM/AMD display path, specifically the color transformation function. A potential index out-of-bounds can occur when i exceeds TRANSFER_FUNC_POINTS, risking buffer overflow in output_tf->tf_pts.red/green/blue. The fix adds a bounds check for i,...
Anonshop Security Breach
Anonshop is an open-source online shopping system from Anon shop. A security vulnerability exists in Anonshop. An attacker can exploit the vulnerability to send an error message via a specially crafted HTTP request...
Information Exposure
zsa is vulnerable to Information Exposure Through Error Message. The vulnerability is due to the application transferring the parse error stack from the server to the client in production build mode, potentially revealing sensitive server information...
GHSA-WJMJ-H3XC-HXP8 Generation of Error Message Containing Sensitive Information in zsa
Impact: All users are impacted. The zsa application transfers the parse error stack from the server to the client in production build mode. This can potentially reveal sensitive information about the server environment, such as the machine username and directory paths. An attacker could exploit th...
GO-2024-2882 github.com/huandu/facebook may expose access_token in error message.
github.com/huandu/facebook may expose access_token in error message...
CVE-2024-1164
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's contact form widget error message and redirect URL in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied error messages...
Cesanta MJS mjs_array_length function denial of service vulnerability
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. A denial of service vulnerability exists in the Cesanta MJS mjs_array_length function,...
CVE-2024-35232
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. The access_token can be exposed in the error message when an HTTP request fails. This issue has been patched in version 2.7.2...
CVE-2024-35232 github.com/huandu/facebook may expose access_token in error message
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. The access_token can be exposed in the error message when an HTTP request fails. This issue has been patched in version 2.7.2...