Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-200 (信息暴露) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-7919 Simopro Technology|WinMatrix3 Web package - SQL Injection — WinMatrix3 Web package 6.5 Medium2025-07-21
CVE-2025-46382 CyberArk IDP 信息泄露漏洞 — IDP 5.3 Medium2025-07-20
CVE-2025-7874 Metasoft 美特软件 MetaCRM env.jsp information disclosure — MetaCRM 5.3 Medium2025-07-20
CVE-2025-7394 OpenSSL 安全漏洞 — wolfSSL 5.3 -2025-07-18
CVE-2024-42209 HCL Connections is vulnerable to an information disclosure vulnerability — Connections 3.5 Low2025-07-17
CVE-2025-3415 Grafana 安全漏洞 — Grafana 4.3 Medium2025-07-17
CVE-2025-53840 Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability — icingadb-web 2.4 Low2025-07-16
CVE-2025-53887 Directus's exact version number is exposed by the OpenAPI Spec — directus 5.3 Medium2025-07-14
CVE-2025-53886 Directus doesn't redact tokens in Flow logs — directus 4.5 Medium2025-07-14
CVE-2025-53640 Indico vulnerable to user enumeration via API endpoint — indico 5.3AIMediumAI2025-07-14
CVE-2025-7573 LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure — BL-AC1900 5.3 Medium2025-07-14
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure — BL-AC1900 5.3 Medium2025-07-14
CVE-2025-7565 LB-LINK BL-AC3600 Web Management Interface lighttpd.cgi geteasycfg information disclosure — BL-AC3600 5.3 Medium2025-07-14
CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 7.5 High2025-07-12
CVE-2025-6745 WoodMart <= 8.2.5 - Unauthenticated Post Disclosure — Woodmart 5.3 Medium2025-07-11
CVE-2025-4593 WP Register Profile With Shortcode <= 3.6.2 - Authenticated (Contributor+) Sensitive Information Exposure — WP Register Profile With Shortcode 6.5 Medium2025-07-11
CVE-2025-34098 Riverbed SteelHead VCX Authenticated Arbitrary File Read via Log Filter Injection — SteelHead VCX 4.9AIMediumAI2025-07-10
CVE-2025-52473 liboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 — liboqs 5.9 Medium2025-07-10
CVE-2025-53624 docusaurus-plugin-content-gists Exposes GitHub Personal Access Token — docusaurus-plugin-content-gists 10.0 Critical2025-07-09
CVE-2025-49664 Windows User-Mode Driver Framework Host Information Disclosure Vulnerability — Windows 10 Version 1507 5.5 Medium2025-07-08
CVE-2025-48808 Windows Kernel Information Disclosure Vulnerability — Windows 10 Version 1507 5.5 Medium2025-07-08
CVE-2025-47980 Windows Imaging Component Information Disclosure Vulnerability — Windows 10 Version 1507 6.2 Medium2025-07-08
CVE-2025-49671 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability — Windows Server 2008 R2 Service Pack 1 6.5 Medium2025-07-08
CVE-2025-53512 Sensitive log retrieval in Juju — Juju 6.5 Medium2025-07-08
CVE-2025-20325 Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise — Splunk Enterprise 3.1 Low2025-07-07
CVE-2025-34072 Anthropic Slack MCP Server Data Exfiltration via Link Unfurling — Slack MCP Server 6.5AIMediumAI2025-07-02
CVE-2024-13451 Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder 5.3 Medium2025-07-02
CVE-2025-6600 GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Search API — GitHub Enterprise Server 5.3AIMediumAI2025-07-01
CVE-2025-34062 OneLogin AD Connector API Credential and Signing Key Exposure — OneLogin Active Directory Connector (ADC) 8.1AIHighAI2025-07-01
CVE-2025-53003 Janssen Config API returns results without scope verification — jans 4.3AIMediumAI2025-07-01

Vulnerabilities classified as CWE-200 (信息暴露) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.