Lucene search
K

284 matches found

NVD
NVD
added 2026/07/06 9:16 a.m.8 views

CVE-2026-56139

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

5.3CVSS0.00363EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:15 a.m.32 views

CVE-2026-56139 Apache Camel Undertow: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

0.00363EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:11 a.m.9 views

EUVD-2026-41846

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.8AI score0.00363EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

389 Directory Server 缓冲区错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from type confusion during the processing of SSO token extensions. As a result, some stack trace...

4.3CVSS5.8AI score0.00179EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS5.5AI score0.00166EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 7:36 a.m.13 views

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:36 p.m.6 views

CVE-2026-44226

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 4:36 p.m.8 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/11 4:36 p.m.51 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS0.00336EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained security vulnerabilities. These vulnerabilities stemmed from the WebUI returning complete Python trace details when exceptions were not handled properly. This could allow...

5.3CVSS5.8AI score0.00336EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/07 5:29 p.m.9 views

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.24 views

PT-2026-38393

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description The CallSite wrapper class, designed as a safe wrapper for V8's native CallSite, fails to sanitize the output of the getFileName function. While the class blocks getThis and getFunction to prevent host...

5.8CVSS5.9AI score0.00241EPSS
Exploits1References7
OSV
OSV
added 2026/05/06 9:39 p.m.9 views

GHSA-QRCH-52M5-VV85 Flight vulnerable to sensitive information disclosure via default error handler

Summary The default error handler Engine::error writes the full exception message, exception code, and stack trace including absolute filesystem paths directly into the HTTP 500 response, with no debug gating. Production deployments leak internal paths, any secret interpolated into an exception...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/06 5:54 p.m.10 views

Information Exposure

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Information Exposure via the global exception handling process in the WebUI. An attacker can obtain sensitive internal implementation details, such as stack...

6.9CVSS5.8AI score0.00336EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2025-209665

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS5.9AI score0.00166EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 11:16 a.m.11 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 10:26 a.m.7 views

CVE-2025-59853 HCL DFXAnalytics is affected by an Improper Error Handling vulnerability

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS5.9AI score0.00166EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 10:26 a.m.37 views

CVE-2025-59853 HCL DFXAnalytics is affected by an Improper Error Handling vulnerability

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS0.00166EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 10:26 a.m.17 views

CVE-2025-59853

Technical details (affected software/versions/root cause/impact) are not publicly provided in the supplied documents; monitor for updates from vendors and authorities.

5.3CVSS5.9AI score0.00166EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 10:26 a.m.7 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

3.1CVSS5.9AI score0.00166EPSS
Exploits0References2
Rows per page
Query Builder