Weaknesses of type CWE-922
278 resultsCVE-2024-23290MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchEPSS 0.5%CVE-2023-45859HIGHIn Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client EPSS 0.5%CVE-2024-4213MEDIUMShopping Cart & eCommerce Store <= 5.6.4 - Sensitive Information ExposureEPSS 0.5%CVE-2024-52519LOWNextcloud Server's OAuth2 client secrets were stored in a recoverable wayEPSS 0.5%CVE-2024-21258MEDIUMVulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affeEPSS 0.5%CVE-2025-22984HIGHAn access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access senEPSS 0.5%CVE-2025-22983HIGHAn access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive iEPSS 0.5%CVE-2024-56113HIGHSmart Toilet Lab - Motius 1.3.11 is running with debug mode turned on (DEBUG = True) and exposing sensitive information defined in Django seEPSS 0.5%CVE-2024-10943CRITICALFactoryTalk® Updater Authentication BypassEPSS 0.5%CVE-2024-48352HIGHYealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterEPSS 0.5%CVE-2024-29968HIGHSQL Table names, column names, and SQL queries are collected in DR standby SupportsaveEPSS 0.5%CVE-2024-12315HIGHExport All Posts, Products, Orders, Refunds & Users <= 2.9.3 - Information Disclosure Through Unprotected DirectoryEPSS 0.5%CVE-2023-0580MEDIUMInformation Disclosure vulnerability in My Control System (on-premise)EPSS 0.5%CVE-2024-23445MEDIUMElasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictionsEPSS 0.5%CVE-2024-25655MEDIUMInsecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allowEPSS 0.5%CVE-2025-2241HIGHHive: exposure of vcenter credentials via clusterprovision in hive / mce / acmEPSS 0.5%CVE-2025-28244HIGHInsecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session EPSS 0.5%CVE-2024-10028HIGHEverest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat LogEPSS 0.4%CVE-2023-37879MEDIUMExposed Session Variable in Wing FTP Server <= 7.2.0EPSS 0.4%CVE-2024-39775MEDIUMNet Manager has an out-of-bounds read permission bypass vulnerabilityEPSS 0.4%