CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2025-13726 MEDIUM
IBM Sterling Partner Engagement Manager 6.2.3.0-6.2.3.5/6.2.4.0-6.2.4.2 - Info Disclosure
CVSS 5.3
CVE-2025-69253 MEDIUM
free5GC UDR <=1.4.1 - Info Disclosure
CVSS 5.3
CVE-2025-69208 MEDIUM
free5GC UDR <1.4.1 - Info Disclosure
CVSS 5.3
CVE-2025-65995 MEDIUM
Airflow <3.1.4/2.11.1 - Info Disclosure
CVSS 6.5
CVE-2025-36348 MEDIUM
IBM Sterling B2B Integrator - Info Disclosure
CVSS 4.9
CVE-2025-66594 MEDIUM
Yokogawa Electric Corporation - Info Disclosure
CVSS 5.3
CVE-2025-12773 MEDIUM
Brocade SANnav <2.4.0a - Info Disclosure
CVSS 6.5
CVE-2025-1395 HIGH
Codriapp Innovation & Software Technologies Inc. HeyGarson <3001202...
CVSS 8.2
CVE-2025-11065 MEDIUM
github.com/go-viper/mapstructure/v2 - Info Disclosure
CVSS 5.3
CVE-2025-52023 MEDIUM
gemscms_backend < 2025-05-28 - Unauthenticated Sensitive Information Disclosure via Error Messages
CVSS 5.3
CVE-2025-52022 MEDIUM
gemscms_backend < 2025-05-28 - Unauthenticated Sensitive Information Disclosure via Error Message Generation
CVSS 5.3
CVE-2025-55250 LOW
HCL AION 2 - Technical Error Disclosure
CVSS 1.8
CVE-2025-15526 MEDIUM
Fancy Product Designer <6.4.8 - Info Disclosure
CVSS 5.3
CVE-2025-62840 LOW
HBS 3 Hybrid Backup Sync < 26.2.0.938 - Information Disclosure via Error Message
CVSS 3.3
CVE-2025-68110 CRITICAL
ChurchCRM < 6.5.3 - Sensitive Database Information Disclosure in Error Message
CVSS 9.9
CVE-2025-9122 MEDIUM
Hitachi Vantara Pentaho Data Integration & Analytics Community Dash...
CVSS 5.3
CVE-2025-13978 MEDIUM
GitLab 17.5-18.4.5, 18.5-18.5.3, 18.6-18.6.1 - Authenticated Private Project Name Disclosure via API Requests
CVSS 4.3
CVE-2025-36437 MEDIUM
IBM Planning Analytics Local 2.1.0-2.1.15 - Sensitive Information Disclosure in Error Messages
CVSS 4.3
CVE-2025-66549 LOW
Nextcloud Desktop <3.16.5 - Info Disclosure
CVSS 2.4
CVE-2025-13596 LOW
ATISoluciones CIGES <2.15.6 - Info Disclosure
CVE-2025-52671 MEDIUM
Revive Adserver 5.5.2 and 6.0.1 - Sensitive Information Disclosure via SQL Error Message
CVSS 4.3
CVE-2025-41076 MEDIUM
LimeSurvey 6.13.0 - Unauthenticated Sensitive Information Exposure via Malformed Session Cookie
CVSS 6.5
CVE-2025-9977 MEDIUM
Times Software E-Payroll - Unauthenticated DoS & SQL Injection
CVE-2025-54562 MEDIUM
Desktop Alert PingAlert Application Server 6.1.0.11-6.1.1.2 - Sensitive Information Disclosure via Stack Trace
CVSS 4.3
CVE-2025-64749 MEDIUM
Directus < 11.13.0 - Information Disclosure via Collection Existence Error Messages
CVSS 4.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits