CVE-2024-56342

IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-56342

IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

IBM Verify Identity Access Digital Credentials 安全漏洞

IBM Verify Identity Access Digital Credentials is a rights management system from International Business Machines IBM. A security vulnerability exists in IBM Verify Identity Access Digital Credentials version 24.06, which stems from an error message disclosure that could lead to access to sensiti...

The vulnerability of the IBM Guardium Data Protection platform regarding data security, related to the leakage of information in error messages, allows attackers to disclose protected information.

The vulnerability of the IBM Guardium Data Protection platform relates to the leakage of information in error messages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

Cross-site Scripting (XSS)

Overview org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui is an User Store UI component for WSO2 Carbon Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient output encoding in error messages generated by the JDBC...

CVE-2025-25025

IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2025-25025

IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2025-40653 User enumeration in M3M Printer Server Web

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

CVE-2025-40653 User enumeration in M3M Printer Server Web

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

JVN#39546799: Mailform Pro CGI generating error messages containing sensitive information

Mailform Pro CGI provided by SYNCK GRAPHICA contains a vulnerability listed below. Generation of error message containing sensitive information CWE-209 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score 3.7...

CVE-2024-47826

eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to 5.1.5 allows an attacker to inject arbitrary HTML tags in the pages: "experiments.php" show mode, "database.php" show mode or "search.php". It works by providing HTML code in the extended...

CVE-2024-35155

IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292765...

CVE-2024-47401

Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1 and 9.5.x = 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by...

CVE-2024-8571

A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...

CVE-2024-44762

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts...

CVE-2024-5591

IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-49818

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-54366

Generation of Error Message Containing Sensitive Information vulnerability in videogallery Vimeography vimeography allows Retrieve Embedded Sensitive Data.This issue affects Vimeography: from n/a through = 2.4.4...

CVE-2024-35119

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342...

CVE-2024-53948

Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue...