Weaknesses of type CWE-668
205 resultsCVE-2023-22892HIGHThere exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticateEPSS 0.6%CVE-2023-22777MEDIUMAuthenticated Information Disclosure in ArubaOS Web-based Management InterfaceEPSS 0.6%CVE-2022-21947HIGHrancher desktop: Dashboard API is network accessibleEPSS 0.6%CVE-2023-22775MEDIUMAuthenticated Sensitive Information Disclosure in ArubaOS Command Line InterfaceEPSS 0.6%CVE-2023-26588HIGHUse of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The aEPSS 0.6%CVE-2025-54126MEDIUMWebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specifiedEPSS 0.6%CVE-2023-26458MEDIUM Information Disclosure vulnerability in SAP Landscape ManagementEPSS 0.6%CVE-2026-39911HIGHHashgraph Guardian 3.5.1 Unsandboxed JavaScript Execution RCEEPSS 0.5%CVE-2024-5660CRITICALUse of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-AEPSS 0.5%CVE-2026-42535CRITICALApache HTTP Server: mod_dav_fs protected directory accessEPSS 0.5%CVE-2021-41088HIGHRemote code execution via the web UI backend of ElvishEPSS 0.5%CVE-2022-3866MEDIUMNomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/EPSS 0.5%CVE-2023-25192MEDIUMAMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.EPSS 0.5%CVE-2026-29093HIGHWWBN AVideo: Unauthenticated PHP session store exposed to host network via published memcached portEPSS 0.5%CVE-2020-26261HIGHuser-readable api tokens in systemd unitsEPSS 0.5%CVE-2026-45411CRITICALvm2: Sandbox Breakout Using Async GeneratorEPSS 0.5%CVE-2025-23205MEDIUM`frame-ancestors: self` grants all users access to formgrader in nbgraderEPSS 0.5%CVE-2019-9011MEDIUMIn Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.EPSS 0.4%CVE-2026-30912HIGHApache Airflow: Exposing stack trace in case of constraint errorEPSS 0.4%CVE-2025-34064CRITICALOneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data LeakageEPSS 0.4%