CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2017-1370 MEDIUM
IBM Jazz Reporting Service <6.0 - Info Disclosure
CVSS 4.9
CVE-2017-7945 CRITICAL
Palo Alto Networks PAN-OS Unauthenticated User Enumeration via GlobalProtect Login Error Messages
CVSS 9.8
CVE-2017-0885 MEDIUM
Nextcloud Server <9.0.55, 10.0.2 - Info Disclosure
CVSS 4.3
CVE-2016-9459 MEDIUM
Nextcloud Server < 9.0.52 and ownCloud Server < 9.0.4 - Stored Cross-Site Scripting via Download Log
CVSS 6.1
CVE-2015-10012 LOW
sumocoders FrameworkUserBundle <1.4.0 - Info Disclosure
CVSS 3.5
CVE-2014-8161 MEDIUM
Postgresql < 9.0.19 - Error Information Exposure
CVSS 4.3
CVE-2013-6879 MEDIUM
Mijosoft MijoSearch < 2.0.1 - Information Disclosure via Error Message
CVSS 5.3
CVE-2013-7331 MEDIUM KEV
Internet Explorer - Information Disclosure via Microsoft.XMLDOM ActiveX Error Codes
CVSS 6.5
CVE-2012-0059 MEDIUM
Red Hat Network Proxy - Information Disclosure via System Registration XML-RPC Error Messages
CVSS 4.9
CVE-2010-3332
Microsoft .NET Framework - Info Disclosure
CVE-2000-1191
htDig <3.2 beta-3.1.6 - Info Disclosure
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits