GHSA-V27G-JCQJ-V8RW vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak

Summary vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can extract the full directory structure, library paths, and...

PYSEC-2026-18

In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/exposestacktraces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue...

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework exposes the full server stack trace when errors occur in the GetCdfResource servlet. Affected versions include before 10.2.0.4, specifically 9.3.0.x and 8.3.x. Impact is information disclosure of internal stack d...

EUVD-2017-0010

Malware in sbrugna...

EUVD-2013-0492

Malware in sbrugna...

EUVD-2018-6807

Malware in sbrugna...

EUVD-2016-0342

Malware in sbrugna...

CVE-2025-58589

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker thus receives information about the technology used and the structure of the application...

CVE-2025-58581

Summary: CVE-2025-58581 describes an information disclosure in SICK Enterprise Analytics (and SICK Logistic Analytics) where, on application errors, a full stack trace is exposed to users, revealing internal class/method names and application structure. This directly informs attackers about the t...

EUVD-2025-12530

Malicious code in bioql PyPI...

EUVD-2024-25310

Malicious code in bioql PyPI...

EUVD-2022-6529

Malicious code in bioql PyPI...

Security Bulletin: Sensitive Information Disclosure in IBM Lakehouse Through Stack Traces , affects watsonx.data

Summary IBM Lakehouse could potentially reveal sensitive information from stack traces that could be read by a local privileged user. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-36146 DESCRIPTION: IBM Lakehouse could potentially reveal sensitive information from stack trace...

CVE-2022-0666

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

CVE-2023-23474

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403...

IBM MQ 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. An information disclosure vulnerability exists in IBM MQ versions 8.0, 9.0, and...

CRLF Injection

microweber/microweber is vulnerable to CRLF Injection. Lack of filtering CRLF characters in redirectUrl allows an attacker to cause stack trace exposure...

CRLF Injection in microweber

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

GHSA-3WWJ-WH2W-G4XP CRLF Injection in microweber

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

CVE-2022-0666

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...