24 matches found

Github Security Blog
added 2026/05/06 9:39 p.m. | 3 views

Flight vulnerable to sensitive information disclosure via default error handler

Summary: The default error handler Engine::error writes the full exception message, exception code, and stack trace including absolute filesystem paths directly into the HTTP 500 response, with no debug gating. Production deployments leak internal paths, any secret interpolated into an exception...

CVSS 7.5 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 5 | Affected Software 1
Vulnrichment
added 2026/03/05 9:59 p.m. | 0 views

CVE-2026-28462 OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths

OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with API access can exploit path traversal in POST...

CVSS 8.7 | AI score 5.8 | EPSS 0.00069
Exploits 0 | References 3
Cvelist
added 2026/03/05 9:59 p.m. | 29 views

CVE-2026-28462 OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths

OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with API access can exploit path traversal in POST...

CVSS 8.7 | EPSS 0.00069
Exploits 0 | References 3
Github Security Blog
added 2026/02/18 5:38 p.m. | 7 views

OpenClaw has a path traversal in browser trace/download output paths may allow arbitrary file writes

Summary: OpenClaw’s browser control API accepted user-supplied output paths for trace/download files without consistently constraining writes to OpenClaw-managed temporary directories. Impact: If an attacker can access the browser control API, they could attempt to write trace/download output files...

CVSS 9.1 | AI score 5.6 | EPSS 0.00069
Exploits 0 | References 6 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2016-6852

Malware in sbrugna...

CVSS 4.7 | AI score 4.9 | EPSS 0.00062
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2015-7386

Malware in sbrugna...

CVSS 4.4 | AI score 4.8 | EPSS 0.00029
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2008-4673

Malware in sbrugna...

CVSS 5 | AI score 8 | EPSS 0.00477
Exploits 0 | References 8
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-6861

Malware in sbrugna...

CVSS 5.5 | AI score 5.5 | EPSS 0.00052
Exploits 0 | References 4
CNNVD
added 2022/03/09 12:0 a.m. | 1 views

Intel Trace Hub Security Vulnerability

The Intel Trace Hub is a set of hardware modules from Intel Corporation. It is designed to perform full-system debugging by generating, switching, and outputting trace data from multiple hardware and software sources through multiple trace output ports encoded in the System Trace Protocol MIPI...

CVSS 6.8 | AI score 6.5 | EPSS 0.00147
Exploits 0 | References 4
IBM Security Bulletins
added 2018/06/17 3:10 p.m. | 23 views

Security Bulletin: Password Disclosure via FlashCopy Manager on Windows, Data Protection for Exchange, and Data Protection for SQL CVE-2015-4949, CVE 2015-6557

Summary: The password associated with Tivoli Storage Manager or the Microsoft SQL DB user is displayed in plain text via application pop-up messages for failed operations and in application trace output. Vulnerability Details: CVEID: CVE-2015-4949 DESCRIPTION: IBM Tivoli Storage Manager for Databas...

CVSS 2.1 | AI score 6.3 | EPSS 0.00061
Exploits 0 | Affected Software 3
NVD
added 2017/10/05 5:29 p.m. | 16 views

CVE-2017-1378

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875...

CVSS 7.8 | AI score 7.2 | EPSS 0.00036
Exploits 0 | References 2
Prion
added 2017/10/05 5:29 p.m. | 16 views

Design/Logic Flaw

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875...

CVSS 2.1 | AI score 7.1 | EPSS 0.00036
Exploits 0 | References 2 | Affected Software 1
OSV
added 2017/10/05 5:29 p.m. | 0 views

CVE-2017-1378

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875...

CVSS 7.8 | AI score 5.8
Exploits 0 | References 2
OpenVAS
added 2017/06/02 12:0 a.m. | 26 views

IBM TSM Client 'Password' Information Disclosure Vulnerability - Mac OS X

IBM Tivoli Storage Manager Client is prone to an information disclosure vulnerability.

CVSS 5.5 | AI score 5.2 | EPSS 0.00062
Exploits 0 | References 2
OSV
added 2017/02/08 10:59 p.m. | 1 views

CVE-2016-5918

IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed...

CVSS 4.7 | AI score 5.8
Exploits 0 | References 2
OSV
added 2017/02/01 9:59 p.m. | 1 views

CVE-2016-0371

The Tivoli Storage Manager TSM password may be displayed in plain text via application trace output while application tracing is enabled...

CVSS 5.5 | AI score 5.7 | EPSS 0.00062
Exploits 0 | References 2
Positive Technologies
added 2017/02/01 12:0 a.m. | 2 views

PT-2017-7615 · Ibm · Ibm Tivoli Storage Manager

Name of the Vulnerable Software and Affected Versions: Tivoli Storage Manager TSM affected versions not specified Description: The issue concerns the potential display of the Tivoli Storage Manager password in plain text through application trace output when application tracing is enabled...

CVSS 5.5 | AI score 5.4 | EPSS 0.00062
Exploits 0 | References 3
OSV
added 2016/09/12 10:59 a.m. | 1 views

CVE-2016-5927

IBM Tivoli Storage Manager for Space Management aka Spectrum Protect for Space Management 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output...

CVSS 5.5 | AI score 5.8
Exploits 0 | References 3
Prion
added 2016/09/12 10:59 a.m. | 13 views

Input validation

IBM Tivoli Storage Manager for Space Management aka Spectrum Protect for Space Management 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output...

CVSS 2.1 | AI score 6.7 | EPSS 0.00052
Exploits 0 | References 3 | Affected Software 1
OpenVAS
added 2016/07/15 12:0 a.m. | 25 views

IBM WebSphere MQ Information Disclosure Vulnerability (Jul 2016)

IBM WebSphere MQ is prone to an information disclosure vulnerability.

CVSS 4.4 | AI score 4.6 | EPSS 0.00029
Exploits 0 | References 2