Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-20 | CVE-2019-4583 | Information Exposure Through an Error Message vulnerability in IBM Maximo Asset Management 7.6.0.10/7.6.1.1 IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. | 4.0 |
| 2020-02-14 | CVE-2018-21032 | Information Exposure Through an Error Message vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. | 4.0 |
| 2020-01-28 | CVE-2019-4636 | Information Exposure Through an Error Message vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. | 4.0 |
| 2020-01-27 | CVE-2014-8161 | Information Exposure Through an Error Message vulnerability in multiple products PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message. | 4.0 |
| 2020-01-19 | CVE-2020-7231 | Information Exposure Through an Error Message vulnerability in Evoko Home 1.31 Evoko Home 1.31 devices provide different error messages for failed login requests depending on whether the username is valid. | 5.0 |
| 2019-12-30 | CVE-2019-19806 | Information Exposure Through an Error Message vulnerability in Mfscripts Yetishare _account_forgot_password.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3 displays a message indicating whether an email address is configured for the account name provided. | 5.3 |
| 2019-12-19 | CVE-2019-19342 | Information Exposure Through an Error Message vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. | 5.0 |
| 2019-12-11 | CVE-2019-0404 | Information Exposure Through an Error Message vulnerability in SAP Enable NOW 1902/1908 SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure. | 5.0 |
| 2019-12-05 | CVE-2019-16768 | Information Exposure Through an Error Message vulnerability in Sylius In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. | 4.0 |
| 2019-11-25 | CVE-2019-13697 | Information Exposure Through an Error Message vulnerability in Google Chrome Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |