Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-15 | CVE-2018-17961 | Information Exposure Through an Error Message vulnerability in multiple products Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. | 8.6 |
| 2018-09-04 | CVE-2018-10913 | Information Exposure Through an Error Message vulnerability in multiple products An information disclosure vulnerability was discovered in glusterfs server. | 4.0 |
| 2018-08-03 | CVE-2018-14925 | Information Exposure Through an Error Message vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components. | 7.5 |
| 2018-08-03 | CVE-2018-14907 | Information Exposure Through an Error Message vulnerability in 3CX web Server 15.5.8801.3 The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. | 5.0 |
| 2018-07-18 | CVE-2018-8042 | Information Exposure Through an Error Message vulnerability in Apache Ambari Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. | 4.3 |
| 2018-05-22 | CVE-2018-11325 | Information Exposure Through an Error Message vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 5.0 |
| 2018-02-14 | CVE-2018-2379 | Information Exposure Through an Error Message vulnerability in SAP Hana Extended Application Services 1.0 In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint. | 6.5 |
| 2017-08-16 | CVE-2017-7551 | Information Exposure Through an Error Message vulnerability in Fedoraproject 389 Directory Server 1.3.5.19/1.3.6.7 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | 9.8 |
| 2017-07-31 | CVE-2017-1370 | Information Exposure Through an Error Message vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. | 4.0 |
| 2017-04-29 | CVE-2017-7945 | Information Exposure Through an Error Message vulnerability in Paloaltonetworks Pan-Os The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769. | 5.0 |