Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-31 | CVE-2020-14337 | Information Exposure Through an Error Message vulnerability in Redhat Ansible Tower 3.0.0 A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. | 5.8 |
| 2020-07-30 | CVE-2020-8213 | Information Exposure Through an Error Message vulnerability in UI Unifi Protect 1.13.3 An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing. | 5.3 |
| 2020-07-29 | CVE-2020-15125 | Information Exposure Through an Error Message vulnerability in Auth0 Auth0.Js In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. | 7.7 |
| 2020-07-29 | CVE-2020-4572 | Information Exposure Through an Error Message vulnerability in IBM Security KEY Lifecycle Manager 3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2020-07-28 | CVE-2020-13997 | Information Exposure Through an Error Message vulnerability in Shopware In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled. | 7.5 |
| 2020-07-28 | CVE-2020-4319 | Information Exposure Through an Error Message vulnerability in IBM MQ Appliance IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. | 4.3 |
| 2020-07-23 | CVE-2019-11252 | Information Exposure Through an Error Message vulnerability in Kubernetes The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. | 6.5 |
| 2020-07-22 | CVE-2020-6511 | Information Exposure Through an Error Message vulnerability in multiple products Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2020-07-01 | CVE-2020-15478 | Information Exposure Through an Error Message vulnerability in Journal-Theme Journal The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors. | 7.5 |
| 2020-06-24 | CVE-2020-4341 | Information Exposure Through an Error Message vulnerability in IBM Security Secret Server 10.6/10.7/10.7.000059 IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |