Vulnerabilities > Information Exposure Through an Error Message

DATE CVE VULNERABILITY TITLE RISK
2022-10-31 CVE-2022-40292 Information Exposure Through an Error Message vulnerability in PHPpointofsale PHP Point of Sale 19.0
The application allowed for Unauthenticated User Enumeration by interacting with an unsecured endpoint to retrieve information on each account within the system.
network
low complexity
phppointofsale CWE-209
5.3
2022-10-29 CVE-2021-42777 Information Exposure Through an Error Message vulnerability in Stimulsoft Reports 2013.1.1600.0
Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start.
network
low complexity
stimulsoft CWE-209
critical
9.8
2022-10-27 CVE-2022-2508 Information Exposure Through an Error Message vulnerability in Octopus Server
In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging.
network
low complexity
octopus CWE-209
5.3
2022-10-19 CVE-2022-38107 Information Exposure Through an Error Message vulnerability in Solarwinds SQL Sentry
Sensitive information could be displayed when a detailed technical error message is posted.
network
low complexity
solarwinds CWE-209
5.3
2022-09-28 CVE-2022-2760 Information Exposure Through an Error Message vulnerability in Octopus Server
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.
network
low complexity
octopus CWE-209
4.3
2022-07-11 CVE-2022-31140 Information Exposure Through an Error Message vulnerability in Cuyz Valinor
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure.
network
low complexity
cuyz CWE-209
6.4
2022-07-06 CVE-2022-31124 Information Exposure Through an Error Message vulnerability in Openssh KEY Parser Project Openssh KEY Parser
openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files.
network
low complexity
openssh-key-parser-project CWE-209
4.0
2022-06-28 CVE-2022-31229 Information Exposure Through an Error Message vulnerability in Dell Powerscale Onefs
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information.
network
low complexity
dell CWE-209
4.0
2022-06-02 CVE-2022-31023 Information Exposure Through an Error Message vulnerability in Lightbend Play Framework
Play Framework is a web framework for Java and Scala.
network
low complexity
lightbend CWE-209
5.0
2022-06-02 CVE-2022-26973 Information Exposure Through an Error Message vulnerability in Barco Control Room Management Suite
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism.
network
low complexity
barco CWE-209
5.0