6 matches found
CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2021-39223
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Richdocuments application prior to versions 3.8.6 and 4.2.3 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. e.g. an attacker could see that the file...
CVE-2024-25533
CVE-2024-25533 affects RuvarOA v6.01–v12.01. Error messages disclose the server path at /WorkFlow/OfficeFileUpdate.aspx and, per multiple sources, allow writing files or executing arbitrary SQL via crafted statements due to insufficient input validation. Affected versions: 6.01–12.01. Root cause ...
CVE-2020-16128 Aptdaemon error messages disclosed file existence to unprivileged users via dbus properties
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
Lark Technologies: Messages disclosure via search feature of other users group(Cross-Tenant).
Due to a Insecure Direct Object Reference IDOR vulnerability identified within the message search function of Lark, an attacker could have potentially viewed messages, docs, and attachments shared in other users groups. We thank @base64 for reporting this to our team and verifying the resolution...
Design/Logic Flaw
IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages, revealing sensitive information that could aid in further attacks against the system. IBM X-Force ID: 162738...