Online Medicine Ordering System 1.0 Authentication Bypass / SQL Injection
Online Medicine Ordering System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Titles: OMOS-1.0-Copyright©2025-Multiple-SQLi Author: nu11secur1ty Date: 03/28/2025 Vendor: https://github.com/oretnom23 Software:...
CVE-2022-49761
In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in run_one_delayed_ref(). Currently we have a btrfs_debug() for run_one_delayed_ref() failure, but if end users hit such problem, there will be no chance that btrfs_debug() is enabled. This can lead to very little usefu...
Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)
Summary: IBM Sterling File Gateway has addressed an information disclosure vulnerability. Vulnerability Details: CVEID: CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...
Citrix DaaS - Error: Monitoring page could not be loaded [User authentication Failure]
New custom cloud administrators get the below error when trying to access Monitor console-...
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed a stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files (bsc#1228184). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:20152-1 Security update for orc
This update for orc fixes the following issues: - CVE-2024-40897: Fixed a stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files (bsc#1228184)...
CVE-2024-55198
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses...
CVE-2025-2239
Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall. This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23...
CVE-2024-12380 Generation of Error Message Containing Sensitive Information in GitLab
An issue was discovered in GitLab EE/CE affecting all versions starting from 11.5 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. Certain user inputs in repository mirroring settings could potentially expose sensitive authentication...
IBM EntireX Information Disclosure Vulnerability (CNVD-2025-05562)
IBM EntireX is a versatile middleware solution from International Business Machines (IBM) designed to facilitate seamless integration between core enterprise applications and modern applications. An information disclosure vulnerability exists in IBM EntireX version 11.1 that originates from the...
IBM EntireX Information Disclosure Vulnerability (CNVD-2025-06203)
IBM EntireX is a versatile middleware solution from International Business Machines (IBM) designed to facilitate seamless integration between core enterprise applications and modern applications. An information disclosure vulnerability exists in IBM EntireX version 11.1, which is caused by an error...
CVE-2024-55198
CVE-2024-55198 affects Celk Sistemas Celk Saude v3.1.252.1. The vulnerability arises from discrepancies in error messages in the password recovery flow, enabling a remote attacker to enumerate existing users. Impact is user enumeration; no additional exploit details or exploitation status are pro...
CVE-2025-0883 vulnerability has been discovered in OpenText™ Service Manager.
Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. The vulnerability could reveal sensitive information retained by the browser. This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80...
CVE-2025-2239 Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall
Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall. This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23...
CVE-2025-2239
Summary: CVE-2025-2239 is a vulnerability in Hillstone Networks’ Next Generation Firewall. The issue is described as the “generation of an error message containing sensitive information,” affecting Hillstone Next Generation Firewall versions from 5.5R8P1 up to, but not including, 5.5R8P23. The co...
Hillstone Next Generation FireWall Security Vulnerability
Hillstone Next Generation FireWall is a firewall from China-based Hillstone. A security vulnerability exists in Hillstone Next Generation FireWall versions prior to 5.5R8P1 through 5.5R8P23, which originates from the generation of an error message containing sensitive information...
CVE-2025-20002 GMOD Apollo Generation of Error Message Containing Sensitive Information
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
Linux Distros Unpatched Vulnerability : CVE-2024-21733
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from...