Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-359 (侵犯隐私) — Vulnerability Class 123

123 vulnerabilities classified as CWE-359 (侵犯隐私). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-15623 Sparx Pro Cloud Server reveals sensitive information to an unauthenticated user — Sparx Pro Cloud Server 7.5AIHighAI2026-04-17
CVE-2026-3911 Org.keycloak.services.resources.admin.userresource: keycloak: information disclosure of disabled user attributes via administrative endpoint — Red Hat build of Keycloak 26.4 2.7 Low2026-03-11
CVE-2026-0102 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability — Microsoft Edge (Chromium-based) 3.1 Low2026-02-17
CVE-2020-37173 AVideo Platform 8.1 - Information Disclosure (User Enumeration) — AVideo Platform 7.5 High2026-02-11
CVE-2026-24321 Information Disclosure vulnerability in SAP Commerce Cloud — SAP Commerce Cloud 5.3 Medium2026-02-10
CVE-2025-66605 Yokogawa FAST/TOOLS 安全漏洞 — FAST/TOOLS 6.1AIMediumAI2026-02-09
CVE-2026-24735 Apache Answer: Revision API Improper Access Control leads to Information Disclosure — Apache Answer 5.3AIMediumAI2026-02-04
CVE-2025-11598 Exposure of Confidential Information in mObywatel application — mObywatel 4.0AIMediumAI2026-02-03
CVE-2025-14317 User Enumeration in Crazy Bubble Tea mobile application — Crazy Bubble Tea 6.5AIMediumAI2026-01-14
CVE-2025-3950 Exposure of Private Personal Information to an Unauthorized Actor in GitLab — GitLab 3.5 Low2026-01-09
CVE-2025-68945 Gitea 安全漏洞 — Gitea 5.8 Medium2025-12-26
CVE-2025-13008 Session Token Disclosure in M-Files Web — M-Files Server 6.5AIMediumAI2025-12-19
CVE-2025-1030 Sensitive Data Exposure in Utarit Informatics' SoliClub — SoliClub 7.5 High2025-12-18
CVE-2025-34441 AVideo < 20.1 User Information Disclosure via Public API — AVideo 7.5AIHighAI2025-12-17
CVE-2025-10450 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic. — Connext Professional 5.3AIMediumAI2025-12-16
CVE-2025-0969 Brizy – Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function — Brizy – Page Builder 6.5 Medium2025-12-13
CVE-2025-66510 Nextcloud Server Contacts Search allowed users to retrieve contact information of other users beyond their contact list — security-advisories 4.5 Medium2025-12-05
CVE-2025-12536 SureForms <= 1.13.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure — SureForms – Contact Form, Payment Form & Other Custom Form Builder 5.3 Medium2025-11-13
CVE-2025-36131 IBM Db2 information disclosure — Db2 4.6 Medium2025-11-07
CVE-2025-52602 HCL BigFix Query is affected by a sensitive information disclosure vulnerability in the WebUI Query application — BigFix Query 4.2 Medium2025-11-05
CVE-2025-35981 Gallagher Command Centre Server 安全漏洞 — Command Centre Server 5.5 Medium2025-10-23
CVE-2025-62644 Restaurant Brands International assistant platform 安全漏洞 — assistant platform 5.0 Medium2025-10-17
CVE-2025-53950 Fortinet FortiDLP 安全漏洞 — FortiDLP 5.1 Medium2025-10-16
CVE-2025-62362 Name and e-mail of employee that has done a publication is discoverable in gpp-burgerportaal — GPP-burgerportaal 4.3AIMediumAI2025-10-13
CVE-2025-5009 Information Disclosure in Gemini iOS App — Gemini 5.7AIMediumAI2025-10-08
CVE-2025-59843 FlagForgeCTF Exposes User Emails via Public /api/user/[username] API — flagForge 5.3 -2025-09-26
CVE-2025-41685 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user — ennexos.sunnyportal.com 6.5 Medium2025-08-19
CVE-2025-53765 Azure Stack Hub Information Disclosure Vulnerability — Azure Stack Hub 4.4 Medium2025-08-12
CVE-2025-54125 XWiki Platform: Password and email exposure in xml.vm fields — xwiki-platform 8.1AIHighAI2025-08-05
CVE-2025-54124 XWiki Platform: Any user with editing rights can access password properties through Database List Properties — xwiki-platform 6.5AIMediumAI2025-08-05

Vulnerabilities classified as CWE-359 (侵犯隐私) represent 123 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.