3853 matches found

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2023-36980

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.7 | EPSS 0.00201
Exploits 0 | References 1

NVD
added 2025/09/29 12:15 a.m., 3 views

CVE-2025-11125

A vulnerability was found in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. Affected by this vulnerability is an unknown functionality of the file /connectionerror.php of the component Error Message Handler. Performing manipulation of the argument Error results i...

CVSS 5.3 | EPSS 0.00031
Exploits 0 | References 4

Vulnrichment
added 2025/09/28 11:32 p.m., 1 view

CVE-2025-11125 langleyfcu Online Banking System Error Message connection_error.php cross site scripting

A vulnerability was found in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. Affected by this vulnerability is an unknown functionality of the file /connectionerror.php of the component Error Message Handler. Performing manipulation of the argument Error results i...

CVSS 5.3 | AI score 5.4 | EPSS 0.00031
Exploits 0 | References 4

CVE
added 2025/09/28 11:32 p.m., 15 views

CVE-2025-11125

Langleyfcu Online Banking System is affected by CVE-2025-11125. A cross-site scripting vulnerability exists in the Error Message Handler’s /connection_error.php where manipulation of the Error parameter can be exploited remotely. The issue affects versions prior to 57437e6400ce0ae240e692c24e6346b...

CVSS 5.3 | AI score 5.4 | EPSS 0.00031
Exploits 0 | References 4

Positive Technologies
added 2025/09/28 12:00 a.m., 4 views

PT-2025-39796

Name of the Vulnerable Software and Affected Versions langleyfcu Online Banking System versions prior to 57437e6400ce0ae240e692c24e6346b8d0c17d7a Description A cross site scripting issue exists in the Error Message Handler component of langleyfcu Online Banking System. The issue is related to...

CVSS 5.3 | AI score 4.1 | EPSS 0.00031
Exploits 0 | References 8

NVD
added 2025/09/26 8:15 a.m., 3 views

CVE-2025-1396

A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validateusername setting. This behavior allows malicious actor...

CVSS 5.3 | EPSS 0.00033
Exploits 0 | References 1

Cvelist
added 2025/09/26 7:52 a.m., 5 views

CVE-2025-1396 Username Enumeration in Multiple WSO2 Products with Multi-Attribute Login Enabled

A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validateusername setting. This behavior allows malicious actor...

CVSS 3.7 | EPSS 0.00033
Exploits 0 | References 1

Positive Technologies
added 2025/09/26 12:00 a.m., 2 views

PT-2025-39521

Name of the Vulnerable Software and Affected Versions WSO2 products affected versions not specified Description A username enumeration issue exists when Multi-Attribute Login is enabled. The system provides a different response for existing and non-existing usernames, regardless of the validate...

CVSS 3.7 | AI score 6.4 | EPSS 0.00033
Exploits 0 | References 5

OSV
added 2025/09/25 4:15 p.m., 0 views

CVE-2025-26333

Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and associated data. A remote attacker could potentially exploit this vulnerability, leading to information exposure...

CVSS 7.5 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 1

Cvelist
added 2025/09/25 3:16 p.m., 4 views

CVE-2025-26333

Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and associated data. A remote attacker could potentially exploit this vulnerability, leading to information exposure...

CVSS 5.9 | EPSS 0.0005
Exploits 0 | References 1

CVE
added 2025/09/25 3:16 p.m., 12 views

CVE-2025-26333

Dell BSAFE Crypto-J contains an information disclosure flaw: error messages may reveal sensitive environment details and associated data to remote attackers (CVE-2025-26333). Affected product is Dell BSAFE Crypto-J; impact is information exposure with HIGH confidentiality impact per NVD. Dell has...

CVSS 7.5 | AI score 7.3 | EPSS 0.0005
Exploits 0 | References 1 | Affected Software 1

Positive Technologies
added 2025/09/25 12:00 a.m., 2 views

PT-2025-39408

Name of the Vulnerable Software and Affected Versions Dell Crypto-J affected versions not specified Description The software generates an error message containing sensitive information about its environment and associated data. A remote attacker could potentially exploit this issue, leading to...

CVSS 5.9 | AI score 6.3 | EPSS 0.0005
Exploits 0 | References 4

CVE
added 2025/09/23 4:37 p.m., 12 views

CVE-2024-6429

The CVE-2024-6429 entry describes a content spoofing vulnerability in WSO2 products caused by improper handling/validation of error messages passed through URL parameters, enabling attackers to inject arbitrary UI content and facilitate social-engineering attacks. Affected components include WSO2...

CVSS 4.3 | AI score 6.6 | EPSS 0.0005
Exploits 0 | References 1 | Affected Software 2

Vulnrichment
added 2025/09/23 4:37 p.m., 1 view

CVE-2024-6429 Content Spoofing in Multiple WSO2 Products via Error Message Injection

A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiting this...

CVSS 4.3 | AI score 6.6 | EPSS 0.0005
Exploits 0 | References 1

CNNVD
added 2025/09/23 12:00 a.m., 1 view

WSO2 Identity Server Security Vulnerability

WSO2 Identity Server IS is an identity server from WSO2, Inc. A security vulnerability exists in WSO2 Identity Server IS that stems from improper handling of error messages and could lead to malicious content injection and social engineering attacks...

CVSS 4.3 | AI score 6.7 | EPSS 0.0005
Exploits 0 | References 1

Redos
added 2025/09/22 12:00 a.m., 4 views

ROS-20250922-06

A vulnerability in the RabbitMQ messaging and streaming broker is related to insufficient cleansing of user-supplied data in an error message in the management interface. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting...

CVSS 6.1 | AI score 6.9 | EPSS 0.00023
Exploits 0

RedhatCVE
added 2025/09/18 12:29 p.m., 2 views

CVE-2025-55117

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n";...

CVSS 6.3 | AI score 7.1 | EPSS 0.0007
Exploits 0 | References 1

CNVD
added 2025/09/18 12:00 a.m., 4 views

BMC Control-M Stack Buffer Overflow Vulnerability

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. BMC Control-M suffers from a stack buffer overflow vulnerability that originates from formatting an error message when SSL/TLS communication is misconfigured, no...

CVSS 6.3 | AI score 7.5 | EPSS 0.0007
Exploits 0 | References 1

RedhatCVE
added 2025/09/17 12:49 a.m., 4 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

CVSS 3.1 | AI score 6.8 | EPSS 0.00026
Exploits 0 | References 1

Cvelist
added 2025/09/16 12:22 p.m., 9 views

CVE-2025-55117 BMC Control-M/Agent buffer overflow in SSL/TLS communication

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n";...

CVSS 6.3 | EPSS 0.0007
Exploits 0 | References 2