Falhas do tipo CWE-922
278 resultadosCVE-2024-47043HIGHRuijie Reyee OS Insecure Storage of Sensitive InformationEPSS 0.4%CVE-2024-25360MEDIUMA hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafteEPSS 0.4%CVE-2024-48353HIGHYealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintexEPSS 0.4%CVE-2021-42718MEDIUMSensitive data unnecessarily returned from authenticated APIEPSS 0.4%CVE-2026-33407HIGHWallos: SSRF via HTTP Proxy Environment VariableEPSS 0.4%CVE-2022-30361MEDIUMOvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. No authenticatioEPSS 0.4%CVE-2024-40813MEDIUMA lock screen issue was addressed with improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6. An attackerEPSS 0.4%CVE-2023-49515MEDIUMInsecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proxiEPSS 0.4%CVE-2024-23561MEDIUMHCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerabilityEPSS 0.4%CVE-2025-46627HIGHUse of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculaEPSS 0.4%CVE-2022-32867LOWThis issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iEPSS 0.4%CVE-2024-42018HIGHAn issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes, some configuration parameters are retrieved EPSS 0.4%CVE-2019-5626LOWBlueCats Reveal Android App Insecure StorageEPSS 0.4%CVE-2019-5627LOWBlueCats Reveal iOS App Insecure StorageEPSS 0.4%CVE-2019-5632MEDIUMHickory Smart Lock Insecure Storage on AndroidEPSS 0.4%CVE-2019-5633MEDIUMHickory Smart Lock Insecure Storage on iOSEPSS 0.4%CVE-2025-45242HIGHRhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.EPSS 0.4%CVE-2020-10368LOWCertain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "SpeEPSS 0.4%CVE-2024-28808LOWAn issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface allows a remote authenticated attacker to acEPSS 0.4%CVE-2022-21823—A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attackeEPSS 0.3%