Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-200 (信息暴露) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-2920 WP-Members Membership Plugin <= 3.4.9.3 - Unprotected Storage of Potentially Sensitive Files — WP-Members Membership Plugin 5.3 Medium2024-04-26
CVE-2024-32467 Meteraphsere vulnerable to unauthorized viewing by workspace members — metersphere 5.7 Medium2024-04-25
CVE-2024-1139 Cluster-monitoring-operator: credentials leak 7.7 High2024-04-25
CVE-2024-25917 WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability — WP Setup Wizard 8.8 High2024-04-25
CVE-2024-3733 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information Exposure — Essential Addons for Elementor – Popular Elementor Templates & Widgets 5.3 Medium2024-04-25
CVE-2024-4173 SANnav versions exposes Kafka in the wan interface. — Brocade SANnav 7.6 High2024-04-25
CVE-2024-4159 Protection mechanisms — Brocade SANnav 4.3 Medium2024-04-25
CVE-2024-32716 WordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerability — StreamWeasels Twitch Integration 5.3 Medium2024-04-24
CVE-2024-32726 WordPress Frontend Dashboard plugin <= 2.2.2 - Sensitive Data Exposure on PII vulnerability — Frontend Dashboard 7.5 High2024-04-24
CVE-2024-32780 WordPress VikRentCar Car Rental Management System plugin <= 1.3.2 - Sensitive Data Exposure via Invoices vulnerability — VikRentCar 5.9 Medium2024-04-24
CVE-2024-32781 WordPress Email Customizer for WooCommerce plugin <= 2.6.0 - Sensitive Data Exposure vulnerability — Email Customizer for WooCommerce 7.5 High2024-04-24
CVE-2024-28963 Dell ThinOS 安全漏洞 — Wyse Proprietary OS (Modern ThinOS) 6.2 Medium2024-04-24
CVE-2024-32816 WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability — Post Grid 7.5 High2024-04-24
CVE-2024-4022 Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure — KN-1010 5.3 Medium2024-04-21
CVE-2024-4021 Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Configuration Setting ndmComponents.js information disclosure — KN-1010 5.3 Medium2024-04-21
CVE-2024-29961 supply-chain attack risk — Brocade SANnav 8.2 High2024-04-19
CVE-2024-31869 Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used — Apache Airflow 6.5 -2024-04-18
CVE-2024-3928 Dromara open-capacity-platform auth-server heapdump information disclosure — open-capacity-platform 4.3 Medium2024-04-17
CVE-2024-32506 WordPress Radio Player plugin <= 2.0.73 - Sensitive Data Exposure vulnerability — Radio Player 5.4 Medium2024-04-17
CVE-2024-32086 WordPress Citadela Listing plugin <= 5.18.1 - Unauth. Sensitive Data Exposure vulnerability — Citadela Listing 7.5 High2024-04-16
CVE-2024-3574 Authorization Header Leak During Cross-Domain Redirect in scrapy/scrapy — scrapy/scrapy 8.1 -2024-04-16
CVE-2024-31219 Discourse-reactions' reaction data and public topic whisper content exposed on reactions given user activity page — discourse-reactions 4.3 Medium2024-04-15
CVE-2024-24898 Information Leakage in kernel — kernel 6.0 Medium2024-04-15
CVE-2024-24891 Information Leakage in kernel — kernel 6.0 Medium2024-04-15
CVE-2024-3780 Information exposure vulnerability on Technicolor CGA2121 — CGA2121 7.8 High2024-04-15
CVE-2024-22435 HPE NonStop Web ViewPoint Enterprise software, Unauthorized access — HPE NonStop Web ViewPoint Enterprise software 8.3 High2024-04-15
CVE-2024-3505 JFrog Self-Hosted Artifactory Proxy configuration accessible to low-privilege users — Artifactory Self-Hosted 4.3 Medium2024-04-15
CVE-2024-29843 Broken Access control on MOBILE_GET_USERS_LIST in Evolution Controller allows unauthenticated user enumeration — Evolution Controller 7.5 High2024-04-14
CVE-2024-29842 Broken Access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve ABACARD values — Evolution Controller 7.5 High2024-04-14
CVE-2024-29841 Broken Access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve keys values — Evolution Controller 7.5 High2024-04-14

Vulnerabilities classified as CWE-200 (信息暴露) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.