Vulnerabilities > Information Exposure Through an Error Message

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-31023 Information Exposure Through an Error Message vulnerability in Lightbend Play Framework
Play Framework is a web framework for Java and Scala.
network
low complexity
lightbend CWE-209
5.0
2022-06-02 CVE-2022-26973 Information Exposure Through an Error Message vulnerability in Barco Control Room Management Suite
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism.
network
low complexity
barco CWE-209
5.0
2022-05-06 CVE-2022-26070 Information Exposure Through an Error Message vulnerability in Splunk
When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path.
network
low complexity
splunk CWE-209
4.0
2022-05-06 CVE-2021-39023 Information Exposure Through an Error Message vulnerability in IBM Guardium Data Encryption
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.0
2022-05-04 CVE-2021-43206 Information Exposure Through an Error Message vulnerability in Fortinet Fortios and Fortiproxy
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
network
fortinet CWE-209
4.3
2022-04-20 CVE-2022-29266 Information Exposure Through an Error Message vulnerability in Apache Apisix
In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information.
network
low complexity
apache CWE-209
5.0
2022-04-19 CVE-2021-39033 Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.0
2022-04-04 CVE-2022-1120 Information Exposure Through an Error Message vulnerability in Gitlab
Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration.
network
low complexity
gitlab CWE-209
4.0
2022-04-01 CVE-2021-32937 Information Exposure Through an Error Message vulnerability in Auvesy-Mdt Autosave and Autosave for System Platform
An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used in MDT AutoSave versions prior to v6.02.06.
network
low complexity
auvesy-mdt CWE-209
5.0
2022-03-30 CVE-2022-23794 Information Exposure Through an Error Message vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0.
network
low complexity
joomla CWE-209
5.0