Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-25 | CVE-2019-4377 | Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. | 4.3 |
| 2019-06-06 | CVE-2019-4257 | Information Exposure Through an Error Message vulnerability in IBM products IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. | 4.3 |
| 2019-06-06 | CVE-2019-4219 | Information Exposure Through an Error Message vulnerability in IBM Security Information Queue 1.0.0/1.0.1/1.0.2 IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that includes sensitive information that could be used in further attacks against the system. | 5.3 |
| 2019-05-22 | CVE-2018-12886 | Information Exposure Through an Error Message vulnerability in GNU GCC stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | 6.8 |
| 2019-05-20 | CVE-2019-12215 | Information Exposure Through an Error Message vulnerability in Matomo 3.9.1 A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. | 4.3 |
| 2019-04-11 | CVE-2019-7644 | Information Exposure Through an Error Message vulnerability in Auth0 Auth0-Wcf-Service-Jwt Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. | 7.5 |
| 2019-02-12 | CVE-2019-7550 | Information Exposure Through an Error Message vulnerability in Jforum 2.1.8 In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using the "create user" function. | 5.0 |
| 2018-12-14 | CVE-2018-14623 | Information Exposure Through an Error Message vulnerability in Theforeman Katello A SQL injection flaw was found in katello's errata-related API. | 4.3 |
| 2018-10-15 | CVE-2018-17961 | Information Exposure Through an Error Message vulnerability in multiple products Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. | 8.6 |
| 2018-09-04 | CVE-2018-10913 | Information Exposure Through an Error Message vulnerability in multiple products An information disclosure vulnerability was discovered in glusterfs server. | 4.0 |