Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

CWE-497 (将系统数据暴露到未授权控制的范围) — Vulnerability Class 286

286 vulnerabilities classified as CWE-497 (将系统数据暴露到未授权控制的范围). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPaused
CVE-2025-27550 IBM Jazz Reporting Service Information Disclosure — Jazz Reporting Service 3.5 Low2026-02-04
CVE-2026-25023 WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability — Run Contests, Raffles, and Giveaways with ContestsWP 7.5AIHighAI2026-02-03
CVE-2026-24998 WordPress Hustle plugin <= 7.8.9.2 - Sensitive Data Exposure vulnerability — Hustle 7.5AIHighAI2026-02-03
CVE-2025-36238 Power System Exposure of Sensitive System Information — PowerVM Hypervisor 6.0 Medium2026-02-02
CVE-2023-37525 HCL BigFix Compliance is vulnerable to a sensitive information disclosure — BigFix Compliance 5.3 Medium2026-01-28
CVE-2025-59098 Trace Functionality Leaking Sensitive Data in dormakaba access manager — Access Manager 92xx-k5 7.5AIHighAI2026-01-26
CVE-2026-24593 WordPress AWP Classifieds plugin <= 4.4.3 - Sensitive Data Exposure vulnerability — AWP Classifieds 6.5 -2026-01-23
CVE-2026-24553 WordPress Fraud Prevention For Woocommerce plugin <= 2.3.2 - Sensitive Data Exposure vulnerability — Fraud Prevention For Woocommerce 7.5 -2026-01-23
CVE-2026-24536 WordPress Webpushr plugin <= 4.38.0 - Sensitive Data Exposure vulnerability — Webpushr 5.3 Medium2026-01-23
CVE-2026-24523 WordPress WP FullCalendar plugin <= 1.6 - Sensitive Data Exposure vulnerability — WP FullCalendar 5.3 Medium2026-01-23
CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability — Nexter Blocks 4.3 Medium2026-01-22
CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability — Contact Form & Lead Form Elementor Builder 7.5AIHighAI2026-01-22
CVE-2025-67954 WordPress Salon booking system plugin <= 10.30.3 - Sensitive Data Exposure vulnerability — Salon booking system 7.5AIHighAI2026-01-22
CVE-2025-63051 WordPress REHub Framework plugin < 19.9.9.4 - Sensitive Data Exposure vulnerability — REHub Framework 7.5AIHighAI2026-01-22
CVE-2020-36926 SmarterTools SmarterTrack 7922 -Information Disclosure — SmarterTools SmarterTrack 7.5 High2026-01-15
CVE-2026-22915 SICK TDC-X401GL 安全漏洞 — TDC-X401GL 4.3 Medium2026-01-15
CVE-2026-0494 Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation) — SAP Fiori App (Intercompany Balance Reconciliation) 4.3 Medium2026-01-13
CVE-2026-0853 A-Plus Video Technologies|NVR - Sensitive Data Exposure — AP-RM864P 5.3 Medium2026-01-12
CVE-2026-22537 INFORMATION DISCLOSURE WITHIN THE OPERATING SYSTEM — QC 60/90/120 4.6 -2026-01-07
CVE-2025-31051 WordPress Plant - Gardening & Houseplants WordPress Theme <= 1.0.0 - Sensitive Data Exposure Vulnerability — Plant - Gardening & Houseplants WordPress Theme 5.3 Medium2026-01-06
CVE-2020-36922 Sony BRAVIA Digital Signage 1.7.8 Unauthenticated System API Information Disclosure — Sony BRAVIA Digital Signage 7.5 High2026-01-06
CVE-2025-9110 QTS, QuTS hero — QTS 6.5 -2026-01-02
CVE-2025-49340 WordPress Direct Payments WP plugin <= 1.3.3 - Sensitive Data Exposure vulnerability — Direct Payments WP 4.3 Medium2025-12-31
CVE-2025-62083 WordPress BoomDevs WordPress Coming Soon plugin plugin <= 1.0.4 - Sensitive Data Exposure vulnerability — BoomDevs WordPress Coming Soon 4.3 Medium2025-12-31
CVE-2025-62143 WordPress Post Video Players plugin <= 1.163 - Sensitive Data Exposure vulnerability — Post Video Players 4.3 Medium2025-12-31
CVE-2025-62114 WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability — Download Media Library 5.3 Medium2025-12-31
CVE-2025-69025 WordPress Poptics plugin <= 1.0.20 - Sensitive Data Exposure vulnerability — Poptics 6.5 -2025-12-30
CVE-2025-69026 WordPress PopupKit plugin <= 2.1.5 - Sensitive Data Exposure vulnerability — PopupKit 4.3 Medium2025-12-30
CVE-2025-68988 WordPress E-Invoice App Malaysia plugin <= 1.3.0 - Sensitive Data Exposure vulnerability — E-Invoice App Malaysia 5.3 Medium2025-12-30
CVE-2025-36229 Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex — Aspera Faspex 5 3.1 Low2025-12-26

Vulnerabilities classified as CWE-497 (将系统数据暴露到未授权控制的范围) represent 286 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.