CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2024-39458 LOW
Jenkins Structs < 337.v1b_04ea_4df7c8 - Sensitive Information Exposure in Build Step Error Logs
CVSS 3.1
CVE-2024-37162 MEDIUM
zsa < 0.3.3 - Sensitive Information Exposure via Production Parse Error Stack
CVSS 4.0
CVE-2024-36106 MEDIUM
Argo CD <2.11.3-2.9.17 - Info Disclosure
CVSS 4.3
CVE-2024-36375 MEDIUM
JetBrains TeamCity <2024.03.2 - Info Disclosure
CVSS 5.3
CVE-2024-35232 LOW
huandu/facebook < 2.7.2 - Sensitive Information Exposure via Error Message
CVSS 3.7
CVE-2024-31844 MEDIUM
Italtel Embrace 1.6.4 - Info Disclosure
CVSS 5.3
CVE-2024-35935 LOW
Linux Kernel - Information Exposure via Btrfs Send Path Ref Underflow Error Message
CVSS 3.3
CVE-2024-28285 CRITICAL
Cryptopp Crypto++ <8.9 - Privilege Escalation
CVSS 9.8
CVE-2024-32046 MEDIUM
Mattermost <9.6.0, <9.5.2, <9.4.4 and <8.1.11 - Info Disclosure
CVSS 4.3
CVE-2024-30614 MEDIUM
Ametys < 4.5.0 - Information Disclosure via Error Message
CVSS 5.3
CVE-2024-28939 HIGH
Microsoft OLE DB Driver for SQL Server 18.0.2-18.7.0002.0 - Remote Code Execution
CVSS 8.8
CVE-2024-29059 HIGH KEV
.NET Framework - Leaking ObjRefs via HTTP .NET Remoting
CVSS 7.5
CVE-2024-2009 MEDIUM
Nway Pro 9 - Information Exposure via Error Message in ajax_login_submit_form
CVSS 5.3
CVE-2024-27315 MEDIUM
Apache Superset <3.0.4, >3.1.0 - SQL Injection
CVSS 4.3
CVE-2024-21866 MEDIUM
Rapid SCADA < 5.8.4 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2024-22646 MEDIUM
SEO Panel <4.10.0 - Info Disclosure
CVSS 5.3
CVE-2024-21619 MEDIUM
Juniper Junos OS Unauthenticated Configuration Information Disclosure via Temporary Cache File
CVSS 5.3
CVE-2024-23689 HIGH
ClickHouse Java Libraries < 0.4.6 - Sensitive Information Exposure in Exception Logs
CVSS 8.8
CVE-2024-21733 MEDIUM
Apache Tomcat 8.5.7-8.5.63 and 9.0.0-M11-9.0.43 - Generation of Error Message Containing Sensitive Information
CVSS 5.3
CVE-2024-21313 MEDIUM
Windows 10 1507-23H2 and Windows Server 2008-2022 - Information Disclosure via TCP/IP Error Messages
CVSS 5.3
CVE-2023-38281 MEDIUM
IBM Cloud Pak System - Open Redirect
CVSS 5.3
CVE-2023-38017 MEDIUM
IBM Cloud Pak System - Stored Cross-Site Scripting in Web UI
CVSS 5.3
CVE-2023-38010 MEDIUM
IBM Cloud Pak System - Info Disclosure
CVSS 5.3
CVE-2023-47639 MEDIUM
API Platform Core 3.2.0-3.2.4 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2023-38716 MEDIUM
IBM Cloud Pak System <2.3.4 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits