ReportizFlow
Filtered by vendor
Subscriptions
Total
499 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45026 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-11-04 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasd_ese_needs_format function checks for error codes that signal the non existence of a proper track format. The check for incorrect length is to imprecise since other error cases leading to transport of insufficient data also have this flag set. This might lead to data corruption in certain error cases for example during a storage server warmstart. Fix by removing the check for incorrect length and replacing by explicitly checking for invalid track format in transport mode. Also remove the check for file protected since this is not a valid ESE handling case. | ||||
| CVE-2024-21733 | 2 Apache, Redhat | 3 Tomcat, Apache-camel-spring-boot, Jboss Fuse | 2025-11-04 | 5.3 Medium |
| Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue. | ||||
| CVE-2024-6613 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-10-30 | 5.5 Medium |
| The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128. | ||||
| CVE-2025-52619 | 1 Hcltech | 1 Bigfix Saas | 2025-10-29 | 5.3 Medium |
| HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform. | ||||
| CVE-2025-31998 | 1 Hcltech | 2 Unica, Unica Centralized Offer Management | 2025-10-29 | 3.5 Low |
| HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service. | ||||
| CVE-2024-29059 | 1 Microsoft | 15 .net Framework, Windows 10 1507, Windows 10 1607 and 12 more | 2025-10-28 | 7.5 High |
| .NET Framework Information Disclosure Vulnerability | ||||
| CVE-2025-0053 | 1 Sap | 1 Sap Basis | 2025-10-24 | 5.3 Medium |
| SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could retrieve details such as system configuration. This has a limited impact on the confidentiality of the application and may be leveraged to facilitate further attacks or exploits. | ||||
| CVE-2025-26333 | 1 Dell | 1 Bsafe Crypto-j | 2025-10-24 | 5.9 Medium |
| Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and associated data. A remote attacker could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2025-54291 | 1 Canonical | 1 Lxd | 2025-10-24 | 5.3 Medium |
| Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses. | ||||
| CVE-2024-41983 | 1 Siemens | 4 Opcenter Quality, Smartclient Modules, Soa Audit and 1 more | 2025-10-23 | 3.5 Low |
| A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool. | ||||
| CVE-2024-41984 | 1 Siemens | 4 Opcenter Quality, Smartclient Modules, Soa Audit and 1 more | 2025-10-22 | 2.6 Low |
| A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications. | ||||
| CVE-2013-7331 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2025-10-22 | 6.5 Medium |
| The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014. | ||||
| CVE-2022-35715 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-10-20 | 7.5 High |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202. | ||||
| CVE-2025-40718 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 7.5 High |
| Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing sensitive information. | ||||
| CVE-2024-44762 | 1 Webmin | 1 Usermin | 2025-10-15 | 5.3 Medium |
| A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts. | ||||
| CVE-2025-0279 | 1 Hcltech | 1 Traveler | 2025-10-10 | 4.3 Medium |
| HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks. | ||||
| CVE-2024-39458 | 1 Jenkins | 1 Structs | 2025-10-10 | 3.1 Low |
| When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log. | ||||
| CVE-2025-46658 | 1 4cstrategies | 1 Exonaut | 2025-10-02 | 9.8 Critical |
| An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error messages. | ||||
| CVE-2025-48562 | 1 Google | 1 Android | 2025-09-26 | 5 Medium |
| In writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a logic error. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2021-47381 | 1 Linux | 1 Linux Kernel | 2025-09-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Fix DSP oops stack dump output contents Fix @buf arg given to hex_dump_to_buffer() and stack address used in dump error output. | ||||