CVE-2023-50954

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: 275776...

EUVD-2018-19354

Malware in sbrugna...

EUVD-2018-4419

Malware in sbrugna...

EUVD-2016-6085

Malware in sbrugna...

CVE-2020-14210

Reflected Cross-Site Scripting XSS vulnerability in MONITORAPP WAF in which script can be executed when responding to Request URL information. It provides a function to response to Request URL information when blocking...

Design/Logic Flaw

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

CVE-2018-12448

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

CVE-2018-7635

Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name...

Design/Logic Flaw

Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2017:3233-1)

This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed : - CVE-2017-7826: Memory safety bugs fixed bsc1068101. - CVE-2017-7828: Use-after-free of PressShell while restyling layout bsc1068101. - CVE-2017-7830: Cross-origin URL information leak through Resource...

Security fix for the ALT Linux 10 package firefox-esr version 52.5.0-alt1

Nov. 15, 2017 Andrey Cherepanov 52.5.0-alt1 - New ESR version 52.5.0 - Fixes: + CVE-2017-7828 Use-after-free of PressShell while restyling layout + CVE-2017-7830 Cross-origin URL information leak through Resource + CVE-2017-7826 Memory safety bugs fixed in Firefox 57 and Firefox ESR...

CVE-2016-0393

IBM Maximo Asset Management (core product) 7.6 and 7.5, including related Industry Solutions and IBM Control Desk products that are installed on affected cores, are vulnerable to information disclosure via log files exposing sensitive URL data (CVE-2016-0393). The issue affects 7.6 and 7.5 lines ...

CVE-2016-2190

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log...

CVE-2016-2190

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log...

Information disclosure

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log...

CVE-2016-2190

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log...

Design/Logic Flaw

Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382...

[oss-security] CVE request for vulnerability in OpenStack Heat

A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Heat template URL information leakage Reporter: Jason...

Apache Log Extractor tool

Apache Log Extractor tool Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL's on a remote server by analysing the logs. This list could then be used as the input for further testing tools e.g...