Vulnerabilities > Information Exposure Through an Error Message
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-01 | CVE-2023-5514 | Information Exposure Through an Error Message vulnerability in Hitachienergy Esoms The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure. | 5.3 |
| 2023-10-31 | CVE-2023-46240 | Information Exposure Through an Error Message vulnerability in Codeigniter CodeIgniter is a PHP full-stack web framework. | 7.5 |
| 2023-10-17 | CVE-2022-43891 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2023-10-16 | CVE-2023-4457 | Information Exposure Through an Error Message vulnerability in Grafana Google Sheets Grafana is an open-source platform for monitoring and observability. The Google Sheets data source plugin for Grafana, versions 0.9.0 to 1.2.2 are vulnerable to an information disclosure vulnerability. The plugin did not properly sanitize error messages, making it potentially expose the Google Sheet API-key that is configured for the data source. This vulnerability was fixed in version 1.2.2. | 7.5 |
| 2023-10-10 | CVE-2023-42475 | Information Exposure Through an Error Message vulnerability in SAP S/4Hana The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. | 4.3 |
| 2023-09-27 | CVE-2023-0833 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. | 5.5 |
| 2023-09-22 | CVE-2023-41027 | Information Exposure Through an Error Message vulnerability in Juplink Rx4-1500 Firmware 1.0.4/1.0.5 Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint. | 8.8 |
| 2023-09-12 | CVE-2023-40725 | Information Exposure Through an Error Message vulnerability in Siemens QMS Automotive 12.30 A vulnerability has been identified in QMS Automotive (All versions < V12.39). | 4.0 |
| 2023-09-12 | CVE-2023-37489 | Information Exposure Through an Error Message vulnerability in SAP Businessobjects Business Intelligence 430 Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or integrity. | 5.3 |
| 2023-09-06 | CVE-2023-39264 | Information Exposure Through an Error Message vulnerability in Apache Superset By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0. | 4.3 |