CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2022-31140 HIGH
Valinor < 0.12.0 - Sensitive Information Exposure via Error Message
CVSS 7.5
CVE-2022-31124 HIGH
openssh_key_parser <0.0.6 - Info Disclosure
CVSS 7.7
CVE-2022-31229 CRITICAL
Dell PowerScale OneFS <9.3.0.x - Info Disclosure
CVSS 9.6
CVE-2022-31047 MEDIUM
TYPO3 <7.6.57 ELTS, <8.7.47 ELTS, <9.5.34 ELTS, <10.4.29, <11.5.11 ...
CVSS 5.3
CVE-2022-2062 HIGH
nocodb < 0.91.7 - Sensitive Information Exposure via Error Message
CVSS 7.5
CVE-2022-31023 MEDIUM
Play Framework <2.8.16 - Info Disclosure
CVSS 5.9
CVE-2022-26973 MEDIUM
Barco Control Room Management Suite <3.14 - Info Disclosure
CVSS 5.3
CVE-2022-24906 LOW
Nextcloud Deck < 1.2.11 - Unauthorized Sensitive Information Exposure via Full Path Disclosure
CVSS 3.5
CVE-2022-26070 MEDIUM
Splunk Enterprise <8.1.0 - Info Disclosure
CVSS 4.3
CVE-2022-29266 HIGH
Apache APISIX <3.13.1 - Info Disclosure
CVSS 7.5
CVE-2022-1120 MEDIUM
GitLab < 14.7.7, 14.8 < 14.8.5, 14.9 < 14.9.2 - Sensitive Information Exposure via CI/CD Include Directive Error Message
CVSS 4.8
CVE-2022-23794 MEDIUM
Joomla! 3.0.0-3.10.6 and 4.0.0-4.1.0 - Path Disclosure via Excessive Filename Length
CVSS 5.3
CVE-2022-24731 MEDIUM
Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal
CVSS 6.8
CVE-2022-0563 MEDIUM
util-linux <2.37.4 - Info Disclosure
CVSS 5.5
CVE-2022-0660 HIGH
Packagist microweber/microweber <1.2.11 - Info Disclosure
CVSS 7.5
CVE-2022-0622 MEDIUM
Packagist snipe/snipe-it <5.3.11 - Info Disclosure
CVSS 5.3
CVE-2022-0504 MEDIUM
Packagist microweber/microweber <1.2.11 - Info Disclosure
CVSS 6.5
CVE-2022-22162 HIGH
Junos OS Multiple Versions - Authenticated Privilege Escalation via CLI
CVSS 7.3
CVE-2022-0083 MEDIUM
live_helper_chat < 3.91 - Information Disclosure via Error Message
CVSS 5.3
CVE-2022-0079 MEDIUM
showdoc < 2.10.0 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-20455 LOW
IBM Cognos Controller <11.0.1 - Info Disclosure
CVSS 3.7
CVE-2021-3986 MEDIUM
calibre-web < 0.6.15 - Unauthorized Private Shelf Name Disclosure via Error Message
CVSS 4.3
CVE-2021-47381 MEDIUM
Linux Kernel 5.2-5.14.10 - Information Disclosure via DSP Oops Stack Dump
CVSS 5.5
CVE-2021-47161 MEDIUM
Linux Kernel 4.10-4.14.240 - Resource Leak in SPI FSL DSPi Error Handling Path
CVSS 5.5
CVE-2021-42777 CRITICAL
Stimulsoft Reports 2013.1.1600.0 - Remote Code Execution via Compilation Mode
CVSS 9.8
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits