Falhas do tipo CWE-212
64 resultadosCVE-2020-15094HIGHRCE in SymfonyEPSS 3.0%CVE-2022-0355HIGHImproper Removal of Sensitive Information Before Storage or Transfer in feross/simple-getEPSS 2.0%CVE-2018-6337HIGHfolly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked childEPSS 1.8%CVE-2022-1650HIGHImproper Removal of Sensitive Information Before Storage or Transfer in eventsource/eventsourceEPSS 1.7%CVE-2018-1062—A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disksEPSS 1.4%CVE-2020-14370—An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or thEPSS 1.4%CVE-2022-24798HIGHInsufficient password hash filtering in some IRRd queries and exportsEPSS 1.4%CVE-2022-30617—An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, foEPSS 1.3%CVE-2022-2818CRITICALImproper Removal of Sensitive Information Before Storage or Transfer in cockpit-hq/cockpitEPSS 1.3%CVE-2022-0536LOWImproper Removal of Sensitive Information Before Storage or Transfer in follow-redirects/follow-redirectsEPSS 1.3%CVE-2020-14301—An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were EPSS 1.2%CVE-2017-15113HIGHovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can EPSS 1.2%CVE-2022-30618—An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, foEPSS 0.9%CVE-2023-28834LOWFull path of data directory exposed to Nextcloud server usersEPSS 0.8%CVE-2022-1893MEDIUMImproper Removal of Sensitive Information Before Storage or Transfer in polonel/trudeskEPSS 0.8%CVE-2022-4734HIGHImproper Removal of Sensitive Information Before Storage or Transfer in usememos/memosEPSS 0.8%CVE-2024-43554MEDIUMWindows Kernel-Mode Driver Information Disclosure VulnerabilityEPSS 0.6%CVE-2018-5559LOWIn Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could returnEPSS 0.6%CVE-2024-31493MEDIUMAn improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 anEPSS 0.5%CVE-2024-8474HIGHOpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, EPSS 0.5%