Total
434 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35134 | 1 Ibm | 1 Analytics Content Hub | 2025-01-27 | 5.3 Medium |
| IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2023-38713 | 1 Ibm | 1 Cloud Pak System | 2025-01-27 | 5.3 Medium |
| IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system. | ||||
| CVE-2025-24552 | 2025-01-24 | 5.3 Medium | ||
| Generation of Error Message Containing Sensitive Information vulnerability in David de Boer Paytium allows Retrieve Embedded Sensitive Data. This issue affects Paytium: from n/a through 4.4.11. | ||||
| CVE-2023-21103 | 1 Google | 1 Android | 2025-01-24 | 5.5 Medium |
| In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 | ||||
| CVE-2024-28939 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-23 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-4870 | 1 Octopus | 1 Octopus Server | 2025-01-21 | 5.3 Medium |
| In affected versions of Octopus Deploy it is possible to discover network details via error message | ||||
| CVE-2024-13536 | 2025-01-21 | 5.3 Medium | ||
| The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | ||||
| CVE-2024-51460 | 1 Ibm | 1 Infosphere Information Server | 2025-01-14 | 4.3 Medium |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. | ||||
| CVE-2024-52898 | 1 Ibm | 1 Mq | 2025-01-14 | 6.2 Medium |
| IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned. | ||||
| CVE-2024-52897 | 1 Ibm | 1 Mq | 2025-01-14 | 6.2 Medium |
| IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. | ||||
| CVE-2025-0053 | 2025-01-14 | 5.3 Medium | ||
| SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could retrieve details such as system configuration. This has a limited impact on the confidentiality of the application and may be leveraged to facilitate further attacks or exploits. | ||||
| CVE-2024-39725 | 1 Ibm | 2 Engineering Insights, Engineering Lifecycle Optimization - Engineering Insights | 2025-01-10 | 5.3 Medium |
| IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2024-52896 | 1 Ibm | 1 Mq | 2025-01-10 | 6.2 Medium |
| IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. | ||||
| CVE-2023-33181 | 1 Xibosignage | 1 Xibo | 2025-01-09 | 4.3 Medium |
| Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with missing or invalid parameters revealing sensitive information about the locations of paths that the server is using. Users should upgrade to version 3.3.5, which fixes this issue. There are no known workarounds aside from upgrading. | ||||
| CVE-2023-34339 | 1 Jetbrains | 1 Ktor | 2025-01-08 | 3.3 Low |
| In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message | ||||
| CVE-2023-23474 | 1 Ibm | 1 Cognos Controller | 2025-01-07 | 3.7 Low |
| IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403. | ||||
| CVE-2024-49818 | 1 Ibm | 1 Security Guardium Key Lifecycle Manager | 2025-01-07 | 4.3 Medium |
| IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2021-20455 | 1 Ibm | 2 Cognos Controller, Controller | 2025-01-07 | 3.7 Low |
| IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2022-22363 | 1 Ibm | 2 Cognos Controller, Controller | 2025-01-07 | 4.3 Medium |
| IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2024-25037 | 1 Ibm | 2 Cognos Controller, Controller | 2025-01-07 | 4.3 Medium |
| IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | ||||