Fallos del tipo CWE-922
278 resultadosCVE-2024-55931MEDIUMToken stored in session storageEPSS 0.3%CVE-2024-53932CRITICALThe com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme) application through 21.1.9 for Android enableEPSS 0.3%CVE-2024-53931CRITICALThe com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for Android enables any application (with no permEPSS 0.3%CVE-2025-25732MEDIUMIncorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.4EPSS 0.3%CVE-2023-26427LOWDefault permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated tEPSS 0.3%CVE-2024-43427LOWMoodle: admin presets export tool includes some secrets that should not be exportedEPSS 0.3%CVE-2023-37521LOWHCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosureEPSS 0.3%CVE-2024-21117MEDIUMVulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions thatEPSS 0.3%CVE-2019-20469MEDIUMAn issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stEPSS 0.3%CVE-2020-8482HIGHABB Device Library Wizard Information Disclosure VulnerabilityEPSS 0.3%CVE-2024-54728MEDIUMIncorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs.EPSS 0.3%CVE-2024-56950MEDIUMAn issue in KuGou Technology Co., Ltd KuGou Concept iOS 4.0.61 allows attackers to access sensitive user information via supplying a craftedEPSS 0.3%CVE-2024-56967MEDIUMAn issue in Cloud Whale Interactive Technology LLC. PolyBuzz iOS 2.0.20 allows attackers to access sensitive user information via supplying EPSS 0.3%CVE-2024-56954MEDIUMAn issue in Beijing Baidu Netcom Science & Technology Co Ltd Haokan Video iOS 7.70.0 allows attackers to access sensitive user information vEPSS 0.3%CVE-2024-56972MEDIUMAn issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link.EPSS 0.3%CVE-2024-56949MEDIUMAn issue in Guangzhou Polar Future Culture Technology Co., Ltd University Search iOS 2.27.0 allows attackers to access sensitive user informEPSS 0.3%CVE-2024-56962MEDIUMAn issue in Tencent Technology (Shanghai) Co., Ltd WeSing iOS v9.3.39 allows attackers to access sensitive user information via supplying a EPSS 0.3%CVE-2024-56966MEDIUMAn issue in Shanghai Xuan Ting Entertainment Information & Technology Co., Ltd Qidian Reader iOS 5.9.384 allows attackers to access sensitivEPSS 0.3%CVE-2024-56957MEDIUMAn issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers to access sensitive user information via suEPSS 0.3%CVE-2024-56960MEDIUMAn issue in Tianjin Xiaowu Information technology Co., Ltd BeiKe Holdings iOS 1.3.50 allows attackers to access sensitive user information vEPSS 0.3%