CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2024-28765 MEDIUM
Security vulnerability was found in IBM Security Directory Integrator
CVSS 5.3
CVE-2024-41984 LOW
Siemens Opcenter Quality SmartClient Modules - Information Disclosure via Error Message
CVSS 2.6
CVE-2024-41983 LOW
Siemens Opcenter Quality SmartClient - SQL Error Message Information Disclosure
CVSS 3.5
CVE-2024-37524 MEDIUM
IBM Analytics Content Hub 2.0-2.3 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2024-56342 MEDIUM
IBM Verify Identity Access Digital Credentials 24.06 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2024-11129 MEDIUM
GitLab 17.1-17.8.6 17.9-17.9.5 17.10-17.10.3 - Information Disclosure via Issue Search
CVSS 6.3
CVE-2024-55895 LOW
IBM InfoSphere Information Server 11.7 - Sensitive Information Exposure via Error Message
CVSS 2.7
CVE-2024-12380 MEDIUM
GitLab 11.5-17.7.6, 17.8-17.8.4, 17.9-17.9.1 - Sensitive Information Exposure in Repository Mirroring Settings
CVSS 4.4
CVE-2024-56812 LOW
IBM EntireX 11.1 - Sensitive Information Disclosure via Detailed Error Messages
CVSS 3.3
CVE-2024-56811 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Error Messages
CVSS 3.3
CVE-2024-56810 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Technical Error Message
CVSS 3.3
CVE-2024-56496 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Error Messages
CVSS 3.3
CVE-2024-56495 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Technical Error Message
CVSS 3.3
CVE-2024-56494 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Technical Error Message
CVSS 3.3
CVE-2024-56493 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Error Messages
CVSS 3.3
CVE-2024-13537 MEDIUM
C9 Blocks <= 1.7.7 - Unauthenticated Full Path Disclosure via composer-setup.php
CVSS 5.3
CVE-2024-13540 MEDIUM
WooODT Lite < 2.5.1 - Unauthenticated Full Path Disclosure via Publicly Accessible Order File
CVSS 5.3
CVE-2024-13538 MEDIUM
BigBuy Dropshipping Connector for WooCommerce <= 2.0.0 - Unauthenticated Full Path Disclosure via generate-default.php
CVSS 5.3
CVE-2024-13535 MEDIUM
Actionwear products sync <= 2.3.2 - Unauthenticated Full Path Disclosure via composer-setup.php
CVSS 5.3
CVE-2024-13539 MEDIUM
AForms Eats <= 1.3.1 - Unauthenticated Full Path Disclosure via Publicly Accessible phpunit.php
CVSS 5.3
CVE-2024-52611 LOW
SolarWinds Platform < 2025.1 - Information Disclosure via Error Message
CVSS 3.5
CVE-2024-56467 LOW
IBM EntireX 11.1 - Sensitive Information Exposure via Detailed Technical Error Message
CVSS 3.3
CVE-2024-49798 MEDIUM
IBM ApplinX 11.1 - Sensitive Information Exposure via Detailed Error Messages
CVSS 4.3
CVE-2024-45658 LOW
IBM Security Verify Access 10.0.0-10.0.8 - Sensitive Information Exposure via Detailed Error Messages
CVSS 2.7
CVE-2024-45659 MEDIUM
IBM Security Verify Access 10.0.0-10.0.8 - Sensitive Information Exposure via Error Message
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits