Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-22 | CVE-2018-12886 | Information Exposure Through an Error Message vulnerability in GNU GCC stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | 8.1 |
| 2019-05-20 | CVE-2019-12215 | Information Exposure Through an Error Message vulnerability in Matomo 3.9.1 A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. | 4.3 |
| 2019-04-17 | CVE-2019-9223 | Information Exposure Through an Error Message vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 7.5 |
| 2019-04-11 | CVE-2019-7644 | Information Exposure Through an Error Message vulnerability in Auth0 Auth0-Wcf-Service-Jwt Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. | 9.8 |
| 2019-02-12 | CVE-2019-7550 | Information Exposure Through an Error Message vulnerability in Jforum 2.1.8 In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using the "create user" function. | 5.3 |
| 2018-10-15 | CVE-2018-17961 | Information Exposure Through an Error Message vulnerability in multiple products Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. | 8.6 |
| 2018-08-03 | CVE-2018-14925 | Information Exposure Through an Error Message vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components. | 9.8 |
| 2018-08-03 | CVE-2018-14907 | Information Exposure Through an Error Message vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. | 5.3 |
| 2018-07-18 | CVE-2018-8042 | Information Exposure Through an Error Message vulnerability in Apache Ambari Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. | 8.1 |
| 2018-05-22 | CVE-2018-11325 | Information Exposure Through an Error Message vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 9.8 |