3856 matches found
SUSE CVE-2012-1586
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message...
SUSE CVE-2013-3742
Cross-site scripting (XSS) vulnerability in viewcreate.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...
SUSE CVE-2013-4999
phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and ErrorHandler.class.php...
SUSE CVE-2013-5000
phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files...
SUSE CVE-2015-8669
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...
SUSE CVE-2016-2038
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...
SUSE CVE-2020-35605
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message...
SUSE CVE-2021-22570
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to...
GitLab Information Disclosure Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab suffers from an information disclosure vulnerability that stems from th...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
Managing Incomplete Transactions in the _assertConsiderationLengthIsNotLessThanOriginalConsiderationLength Function
Lines of code. Vulnerability details. Impact: In the assertConsiderationLengthIsNotLessThanOriginalConsiderationLength function, the revertMissingOriginalConsiderationItems function is called if the supplied consideration item total is less than the original consideration item total. However, there ...
CVE-2022-46371
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name...
Design/Logic Flaw
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name...
CVE-2022-46371 Alotcer - AR7088H-A Information disclosure
Alotcer - AR7088H-A firmware version 16.10.3 Information disclosure. Unspecified error message contains the default administrator user name...
Citrix ADC: 13.1: error message for smart card access to gateway
Citrix ADC: 13.1: error message for smart card access to the gateway...
EulerOS Virtualization 3.0.2.6 : gdk-pixbuf2 (EulerOS-SA-2023-1084)
According to the versions of the gdk-pixbuf2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service NULL pointer dereferen...
GHSA-VF99-XW26-86G5 PgHero Allows Information Disclosure Through EXPLAIN Feature
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server...
PgHero Allows Information Disclosure Through EXPLAIN Feature
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server...
CVE-2023-22626
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2023-59031)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An information disclosure vulnerability exists in Mozilla Firefox that originates from a sensitive feature in the display error message in a cross-origin response when the product imports resources usi...