Falhas do tipo CWE-922
278 resultadosCVE-2024-55931MEDIUMToken stored in session storageEPSS 0.3%CVE-2024-53931CRITICALThe com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for Android enables any application (with no permEPSS 0.3%CVE-2024-53932CRITICALThe com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme) application through 21.1.9 for Android enableEPSS 0.3%CVE-2025-25732MEDIUMIncorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.4EPSS 0.3%CVE-2023-26427LOWDefault permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated tEPSS 0.3%CVE-2024-43427LOWMoodle: admin presets export tool includes some secrets that should not be exportedEPSS 0.3%CVE-2023-37521LOWHCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosureEPSS 0.3%CVE-2024-21117MEDIUMVulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions thatEPSS 0.3%CVE-2019-20469MEDIUMAn issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stEPSS 0.3%CVE-2020-8482HIGHABB Device Library Wizard Information Disclosure VulnerabilityEPSS 0.3%CVE-2024-54728MEDIUMIncorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs.EPSS 0.3%CVE-2024-56964MEDIUMAn issue in Che Hao Duo Used Automobile Agency (Beijing) Co., Ltd Guazi Used Car iOS 10.15.1 allows attackers to access sensitive user inforEPSS 0.3%CVE-2024-56949MEDIUMAn issue in Guangzhou Polar Future Culture Technology Co., Ltd University Search iOS 2.27.0 allows attackers to access sensitive user informEPSS 0.3%CVE-2024-56972MEDIUMAn issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link.EPSS 0.3%CVE-2024-56952MEDIUMAn issue in Beijing Baidu Netcom Science & Technology Co Ltd Baidu Lite app (iOS version) 6.40.0 allows attackers to access user informationEPSS 0.3%CVE-2024-56971MEDIUMAn issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive EPSS 0.3%CVE-2024-56947MEDIUMAn issue in Xiamen Meitu Technology Co., Ltd. BeautyCam iOS v12.3.60 allows attackers to access sensitive user information via supplying a cEPSS 0.3%CVE-2024-56965MEDIUMAn issue in Shanghai Shizhi Information Technology Co., Ltd Shihuo iOS 8.16.0 allows attackers to access sensitive user information via suppEPSS 0.3%CVE-2024-56959MEDIUMAn issue in Mashang Consumer Finance Co., Ltd Anyihua iOS 3.6.2 allows attackers to access sensitive user information via supplying a crafteEPSS 0.3%CVE-2024-56953MEDIUMAn issue in Baidu (China) Co Ltd Baidu Input Method (iOS version) v12.6.13 allows attackers to access user information via supplying a craftEPSS 0.3%