3851 matches found
Lookyloo 跨站脚本漏洞
Lookyloo is a website capture tool from Lookyloo open source. A cross-site scripting vulnerability exists in Lookyloo versions prior to 1.35.3, which stems from an unfiltered URL in an error message and could lead to a cross-site scripting attack...
PT-2025-48752
Name of the Vulnerable Software and Affected Versions Lookyloo versions prior to 1.35.3 Description Lookyloo is a web interface used to capture website pages and display a tree of domains that interact with each other. A cross-site scripting XSS issue can occur when a user submits URLs for captur...
CVE-2025-52671
Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use...
PT-2025-47621
Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use...
Directus 安全漏洞
Directus is a real-time Api and application dashboard open-sourced by Directus. It is used to manage Sql database content. A security vulnerability exists in Directus versions prior to 11.13.0 that stems from a REST API error message discrepancy that could lead to the disclosure of unauthorized...
Siemens SIMATIC S7-1500 Generation of Error Message Containing Sensitive Information (CVE-2022-0563)
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the...
Cross-site Scripting (XSS)
Overview @nuxt/devtools is a Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper sanitization of error messages on DevTools authentication page. An attacker can extract authentication tokens by tricking a user into interacting with maliciously crafted...
EUVD-2025-36737
When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information the ALPN protocols sent by the client which is not escaped...
Google Go 安全漏洞
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google USA. A security vulnerability exists in Google Go that stems from an error message not escaping attacker-controlled data when ALPN negotiation fails, which could lead to informatio...
EUVD-2025-34831
D-Link Nuclias Connect firmware versions = 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Login' endpoint returns distinct JSON responses depending on whether the supplied username is associated with an existing account. Because the responses differ in the...
CVE-2025-34254
D-Link Nuclias Connect firmware versions = 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Login' endpoint returns distinct JSON responses depending on whether the supplied username is associated with an existing account. Because the responses differ in the...
CVE-2025-34254 D-Link Nuclias Connect <= v1.3.1.4 Login Account Enumeration
D-Link Nuclias Connect firmware versions = 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Login' endpoint returns distinct JSON responses depending on whether the supplied username is associated with an existing account. Because the responses differ in the...
CVE-2025-55676
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...
EUVD-2005-2478
Malware in sbrugna...
EUVD-2020-18061
Malware in sbrugna...
EUVD-2020-25722
Malware in sbrugna...
EUVD-2021-25470
Malware in sbrugna...
EUVD-2020-25566
Malware in sbrugna...
EUVD-2006-5743
Malware in sbrugna...
EUVD-2003-1476
Malware in sbrugna...