3856 matches found
FrameworkUserBundle Generates Error Message Containing Sensitive Information
A vulnerability was found in sumocoders FrameworkUserBundle up to 1.3.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Resources/views/Security/login.html.twig. The manipulation leads to information exposure through error message. Upgrading to...
CVE-2015-10012
CVE-2015-10012 affects sumocoders FrameworkUserBundle up to version 1.3.x. The vulnerability involves unknown functionality in Resources/views/Security/login.html.twig that can lead to information exposure through error messages. Upgrading to version 1.4.0 addresses the issue (patch: abe4993390ba...
PT-2022-9030 · Openmrs · Openmrs Admin Ui Module
Name of the Vulnerable Software and Affected Versions: OpenMRS Admin UI Module versions up to 1.4.x Description: A problematic vulnerability has been found in the OpenMRS Admin UI Module, affecting the sendErrorMessage function of the AccountPageController.java file, part of the Account Setup...
[NetScaler] SDX reports "Appliance is running in grace" Error
SDX has instance license CNSINSTCCS checked from ADM. And SDX may report error "Appliance is running in grace. System will loose capacity after XYZ hours"...
CVE-2022-22449
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915...
Information disclosure
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915...
CVE-2022-34477
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...
PT-2022-15438 · Ibm · Ibm Security Verify Governance
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance, Identity Manager version 10.01 Description: A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further...
CVE-2022-45412
When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. This bug only affects Thunderbird on Unix-based operated systems Android, Linux, MacOS. Windows is unaffected.. This...
PrePOMarket.redeem() business logic may raise users' concerns of their assets
Lines of code Vulnerability details Impact When a user tries to redeem assets, current business logic may fail and pop the error msg fee = 0 repeatedly. Users may not understand what's happening behind, thus raise concers about the safety of their assets since it looks like their assets are out o...
Irrelevant error message from PrePOMarket.redeem() worries users
Lines of code Vulnerability details Impact Users may receive error messages fee = 0 whenever making a redemption from PrePOMarket contract if the redemption amout is not enough. The error message is irrelevant to users. It's related to the protocol processing the redemption. If a user receives...
Information disclosure
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01...
CVE-2022-34881 Information Exposure Vulnerability in JP1/Automatic Operation
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01...
Hitachi JP1/Automatic Operation 安全漏洞
Hitachi JP1/Automatic Operation is an automatic operation management system from Hitachi, Japan. It can be used to perform tasks on operating systems, virtual environments, storage devices, DBMS, and other products. A security vulnerability exists in Hitachi JP1/Automatic Operation that originate...
Incorrect behavior in CrossChainExecutorPolygon contract
Lines of code Vulnerability details Description: We have discovered an issue with the CrossChainExecutorPolygon contract. When a message with a nonce that has already been executed is received, the contract does not prevent the message from being processed or display an error message. This issue...
ADM License warning - "Licenses will be reduced to 2"
ADM warning message showing Licenses will be reduced on VIPs from 30 down to 2. Error message appears post upgrade to13.1-12.x or later...
CVE-2022-45218
Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting XSS vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message...
CVE-2022-45218
Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting XSS vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message...
Mozilla: Symlinks may resolve to partially uninitialized buffers
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer...
Mozilla: Symlinks may resolve to partially uninitialized buffers
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer...