18 matches found
ROS-20250912-09
A vulnerability in the implementation of the CORS mechanism of the PyPI software repository for the Python language is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information.
ROS-20250616-22
A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information.
PostgreSQL Memory disclosure in aggregate function calls (CVE-2023-5868)
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
ROS-2-1000
2.1000 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
webkitgtk: disclose sensitive information
A flaw was found in WebKitGTK, which exists due to excessive data output in WebKit Process Model. This issue occurs when processing malicious web content, which may lead to sensitive information disclosure to unauthorized attackers...
webkitgtk: disclose sensitive information
A flaw was found in WebKitGTK, which exists due to excessive data output in WebKit Process Model. This issue occurs when processing malicious web content, which may lead to sensitive information disclosure to unauthorized attackers...
The vulnerability of the Request Tracker system for enterprise-level request tracking and monitoring lies in its excessive data output when searching transactions by authenticated users in the transaction builder. This allows attackers to gain unauthorized access to confidential information.
The vulnerability of the Request Tracker system for enterprise-level order tracking and monitoring exists due to excessive data output by the application when searching transactions for authenticated users in the transaction request builder. Exploiting this vulnerability could allow a malicious...
The vulnerability of IBM TXSeries software for multiplatforms, including IBM CICS TX Standard and IBM CICS TX Advanced application servers, allows attackers to gain unauthorized access to confidential information.
The vulnerability of IBM TXSeries software for multiplatforms, including IBM CICS TX Standard and IBM CICS TX Advanced, is related to excessive data output by the application. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to confidential information from a...
SAP S/4HANA and SAP Business One Security Vulnerability
SAP Business One is a product of SAP, a German company. SAP Business One is a set of enterprise management software. The software includes functions such as financial management, operations management and human resource management. SAP Business One has an information disclosure vulnerability that...
Cybozu Garoon Information Disclosure Vulnerability
Cybozu Garoon is a portal-based OA office system from Cybozu Japan. The system provides portal, E-mail, bookmark, scheduler, bulletin board, document management, etc. Cybozu Garoon is vulnerable to an information disclosure vulnerability, which is caused by excessive data output from the...
Fortinet FortiOS Information Disclosure Vulnerability (CNVD-2022-50947)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from Fortinet, Inc. Fortinet FortiOS is vulnerable to an information leakage vulnerability that results from excessive data output in server-generated error messages, which can be exploited by...
Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CNVD-2022-84602)
Microsoft Windows Common Log File System Driver is a Common Log File System (CLFS) API from Microsoft that provides a common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize log access. An information disclosure vulnerability exists in...
Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability
Microsoft Windows Common Log File System Driver is a Common Log File System (CLFS) API from Microsoft that provides a common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize log access. An information disclosure vulnerability exists in...
Microsoft Excel 2013 RCE Vulnerability (KB5002156)
This host is missing a critical security update according to Microsoft KB5002156.
ROS-20220112-04
A vulnerability in the Django web application framework is related to excessive data output by the application during the processing of error conditions. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive system information.
Linux kernel information disclosure vulnerability (CNVD-2021-60526)
Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to an excessive amount of data output in the Linux kernel functions, which allows user-state applications to read the contents of a sigpage, thereby leaking the contents o...
Security Update for Microsoft Power BI Report Server (March 2021)
An information disclosure vulnerability exists in Microsoft Power BI Report Server due to excessive data output by the application in Microsoft Power BI. An authenticated, remote attacker can exploit this to disclose potentially sensitive information. Note that Nessus has not tested for this iss...
ROS-2-1459
2.1459 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...