CVE-2025-55117 BMC Control-M/Agent buffer overflow in SSL/TLS communication

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n";...

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

PT-2025-37738

Name of the Vulnerable Software and Affected Versions libocpp versions prior to 0.28.0 Description libocpp versions prior to 0.28.0 are susceptible to a denial of service condition, specifically an Everest crash. This occurs because a secondary exception is thrown during the generation of error...

TYPO3 CMS exposes sensitive information in an error message

Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS versions 9.0.0-9.5.54, 10.0.0-10.4.53, 11.0.0-11.5.47, 12.0.0-12.4.36, and 13.0.0-13.4.17 allow backend users to disclose full file paths via failed low-level file-system operations...

Windows Kernel Memory Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

PT-2025-36826

Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: A vulnerability allows attackers to obtain sensitive information and affect the system. The Windows Kernel generates error messages containing sensitive information, potentially...

Linux Distros Unpatched Vulnerability : CVE-2019-12446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message. CVE-2019-12446 No...

Linux Distros Unpatched Vulnerability : CVE-2020-25788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUESTurl in an error message...

Linux Distros Unpatched Vulnerability : CVE-2022-1120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive...

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

Linux Distros Unpatched Vulnerability : CVE-2014-8625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the parseerrormsg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service...

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

CVE-2025-55630

The CVE-2025-55630 entry concerns Reolink Smart 2K+ Plug-in Wi‑Fi Video Doorbell with Chime, firmware 3.0.0.4662_2503122283. A discrepancy in the login error message when credentials are incorrect allows attackers to enumerate existing accounts. Public details across connected sources confirm the...

ROS-20250821-08

A vulnerability in the TCPDF PHP library is related to reading arbitrary files from the server's file system via the src tag. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information. information Vulnerability in TCPDF PHP library is related to improper...

Linux Distros Unpatched Vulnerability : CVE-2020-13314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Omniauth endpoint allowed a malicious user to submit content to be...

CVE-2025-9005 mtons mblog register information exposure

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...

CVE-2025-9005 mtons mblog register information exposure

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...