Total
384 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37306 | 1 Misp-project | 1 Malware Information Sharing Platform | 2023-07-07 | N/A | 7.5 HIGH |
| MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages. | |||||
| CVE-2022-24906 | 1 Nextcloud | 1 Deck | 2023-07-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available. | |||||
| CVE-2023-34110 | 1 Flask-appbuilder Project | 1 Flask-appbuilder | 2023-07-03 | N/A | 2.7 LOW |
| Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back to this actor on the UI. On certain database engines this error can include the entire user row including the pbkdf2:sha256 hashed password. This vulnerability has been fixed in version 4.3.2. | |||||
| CVE-2022-2062 | 1 Xgenecloud | 1 Nocodb | 2023-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Generation of Error Message Containing Sensitive Information in GitHub repository nocodb/nocodb prior to 0.91.7+. | |||||
| CVE-2023-34339 | 1 Jetbrains | 1 Ktor | 2023-06-08 | N/A | 3.3 LOW |
| In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message | |||||
| CVE-2023-33181 | 1 Xibosignage | 1 Xibo | 2023-06-06 | N/A | 5.3 MEDIUM |
| Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with missing or invalid parameters revealing sensitive information about the locations of paths that the server is using. Users should upgrade to version 3.3.5, which fixes this issue. There are no known workarounds aside from upgrading. | |||||
| CVE-2023-28514 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2023-05-26 | N/A | 5.5 MEDIUM |
| IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. | |||||
| CVE-2023-27860 | 1 Ibm | 1 Maximo Asset Management | 2023-05-04 | N/A | 5.3 MEDIUM |
| IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207. | |||||
| CVE-2023-29193 | 1 Authzed | 1 Spicedb | 2023-04-24 | N/A | 7.5 HIGH |
| SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The `spicedb serve` command contains a flag named `--grpc-preshared-key` which is used to protect the gRPC API from being accessed by unauthorized requests. The values of this flag are to be considered sensitive, secret data. The `/debug/pprof/cmdline` endpoint served by the metrics service (defaulting running on port `9090`) reveals the command-line flags provided for debugging purposes. If a password is set via the `--grpc-preshared-key` then the key is revealed by this endpoint along with any other flags provided to the SpiceDB binary. This issue has been fixed in version 1.19.1. ### Impact All deployments abiding by the recommended best practices for production usage are **NOT affected**: - Authzed's SpiceDB Serverless - Authzed's SpiceDB Dedicated - SpiceDB Operator Users configuring SpiceDB via environment variables are **NOT affected**. Users **MAY be affected** if they expose their metrics port to an untrusted network and are configuring `--grpc-preshared-key` via command-line flag. ### Patches TODO ### Workarounds To workaround this issue you can do one of the following: - Configure the preshared key via an environment variable (e.g. `SPICEDB_GRPC_PRESHARED_KEY=yoursecret spicedb serve`) - Reconfigure the `--metrics-addr` flag to bind to a trusted network (e.g. `--metrics-addr=localhost:9090`) - Disable the metrics service via the flag (e.g. `--metrics-enabled=false`) - Adopt one of the recommended deployment models: [Authzed's managed services](https://authzed.com/pricing) or the [SpiceDB Operator](https://github.com/authzed/spicedb-operator) ### References - [GitHub Security Advisory issued for SpiceDB](https://github.com/authzed/spicedb/security/advisories/GHSA-cjr9-mr35-7xh6) - [Go issue #22085](https://github.com/golang/go/issues/22085) for documenting the risks of exposing pprof to the internet - [Go issue #42834](https://github.com/golang/go/issues/42834) discusses preventing pprof registration to the default serve mux - [semgrep rule go.lang.security.audit.net.pprof.pprof-debug-exposure](https://semgrep.dev/r?q=go.lang.security.audit.net.pprof) checks for a variation of this issue ### Credit We'd like to thank Amit Laish, a security researcher at GE Vernova for responsibly disclosing this vulnerability. | |||||
| CVE-2022-34882 | 3 Docker, Hitachi, Microsoft | 3 Docker, Raid Manager Storage Replication Adapter, Windows | 2023-04-21 | N/A | 6.5 MEDIUM |
| Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to gain sensitive information. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior to 02.05.01 on Windows and Docker. | |||||
| CVE-2023-27587 | 1 Readtomyshoe Project | 1 Readtomyshoe | 2023-03-17 | N/A | 6.5 MEDIUM |
| ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key. This has been patched in commit 8533b01. Upgrading should be accompanied by deleting the current GCP API key and issuing a new one. There are no known workarounds. | |||||
| CVE-2023-26052 | 1 Saleor | 1 Saleor | 2023-03-13 | N/A | 5.3 MEDIUM |
| Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12. | |||||
| CVE-2017-7551 | 1 Fedoraproject | 1 389 Directory Server | 2023-02-12 | 5.0 MEDIUM | 9.8 CRITICAL |
| 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | |||||
| CVE-2018-14623 | 1 Theforeman | 1 Katello | 2023-02-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is vulnerable. | |||||
| CVE-2019-4257 | 1 Ibm | 3 Infosphere Information Analyzer, Infosphere Information Governance Catalog, Infosphere Information Server On Cloud | 2023-02-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945. | |||||
| CVE-2019-4269 | 1 Ibm | 1 Websphere Application Server | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted url causes a stack trace to be dumped. IBM X-Force ID: 160202. | |||||
| CVE-2019-4219 | 1 Ibm | 1 Security Information Queue | 2023-02-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 159228. | |||||
| CVE-2019-4308 | 1 Ibm | 3 Emptoris Contract Management, Emptoris Sourcing, Emptoris Spend Analysis | 2023-01-31 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034. | |||||
| CVE-2019-4420 | 1 Ibm | 3 Intelligent Operations Center, Intelligent Operations Center For Emergency Management, Water Operations For Waternamics | 2023-01-31 | 2.1 LOW | 6.2 MEDIUM |
| IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages, revealing sensitive information that could aid in further attacks against the system. IBM X-Force ID: 162738. | |||||
| CVE-2019-4377 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2023-01-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803. | |||||