13 matches found
EUVD-2017-0010
Malware in sbrugna...
CVE-2023-48680
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 macOS, Windows before build 37391...
CVE-2024-42325 Excessive information returned by user.get
Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc...
Information disclosure through insecure design
Introduction Insecure design can lead to many issues. The Software Development Life Cycle SDLC should contain steps to evaluate and consider security throughout the process. Several recent web application and API tests have revealed a common issue of responses containing too much data, and leakin...
CVE-2023-23837
No exception handling vulnerability which revealed sensitive or excessive information to users...
PT-2023-19244 · Solarwinds · Database Performance Analyzer
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A no exception handling issue has been identified, which potentially reveals sensitive or excessive information to users. Recommendations: At the moment, there is no information abo...
CVE-2022-31186 Leakage of excessive information into log in next-auth
NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in next-auth before v4.10.2 and v3.29.9 allows an attacker with log access privilege to obtain excessive information such as an identity provider's secret in the log whi...
Apache Atlas produces Stack trace in error response
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
CVE-2020-12266
An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other statistics, but the pages can be accessed...
PYSEC-2017-110
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
CVE-2017-3154
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
CVE-2017-3154
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
Analysis: Popular Android Apps Access More Information than Needed
A South Korean security provider says it’s uncovered popular Android apps that want more information than is required, putting users at risk. AhnLab, Inc., headquartered in Seoul, analyzed 178 of the best-rated Android applications using its cloud-based app security analysis tool, ranking each ap...