Fallos del tipo CWE-922
278 resultadosCVE-2023-23522MEDIUMA privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to EPSS 0.3%CVE-2024-38312MEDIUMWhen browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed EPSS 0.3%CVE-2023-37563—ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtaiEPSS 0.3%CVE-2026-40868HIGHkyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount tokenEPSS 0.3%CVE-2025-60856MEDIUMReolink Video Doorbell WiFi DB_566128M5MP_W allows root shell access through an unsecured UART/serial console. An attacker with physical accEPSS 0.3%CVE-2024-31400MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintenEPSS 0.3%CVE-2025-48929MEDIUMThe TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiratEPSS 0.3%CVE-2024-29120MEDIUMApache StreamPark: Information leakage vulnerabilityEPSS 0.3%CVE-2023-32184HIGHA Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user thEPSS 0.3%CVE-2025-53507HIGHMultiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration inEPSS 0.3%CVE-2024-54485MEDIUMThe issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An aEPSS 0.3%CVE-2024-49201MEDIUMKeyfactor Remote File Orchestrator (aka remote-file-orchestrator) 2.8 before 2.8.1 allows Information Disclosure: sensitive information coulEPSS 0.3%CVE-2024-23229MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.4, EPSS 0.3%CVE-2026-46511HIGHHAXcms: Mass Token Exfiltration and Cross-Tenant HijackEPSS 0.3%CVE-2024-36788MEDIUMNetgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly interceEPSS 0.3%CVE-2024-42677MEDIUMAn issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nEPSS 0.3%CVE-2024-54477MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app mEPSS 0.3%CVE-2025-24117MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, mEPSS 0.3%CVE-2025-70963HIGHGophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly insEPSS 0.3%CVE-2024-10041MEDIUMPam: libpam: libpam vulnerable to read hashed passwordEPSS 0.3%