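CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) — Vulnerability Class 286

286 vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). AI Chinese analysis included.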

| CVE ID | Title — Product | CVSS | Severity | Date |
| --- | --- | --- | --- | --- |
| CVE-2025-67470 | WordPress Portfolio and Projects plugin <= 1.5.5 - Sensitive Data Exposure vulnerability — Portfolio and Projects | 5.5 (AI) | Medium (AI) | 2025-12-09 |
| CVE-2025-36112 | IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B Integrator | 5.3 | Medium | 2025-11-24 |
| CVE-2025-66059 | WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Sensitive Data Exposure vulnerability — Seriously Simple Podcasting | 5.3 | Medium | 2025-11-21 |
| CVE-2025-66056 | WordPress Uncanny Automator plugin < 6.10.0 - Sensitive Data Exposure vulnerability — Uncanny Automator | 7.5 | - | 2025-11-21 |
| CVE-2025-36160 | IBM Concert Information Disclosure — Concert | 5.3 | Medium | 2025-11-20 |
| CVE-2022-4985 | Vodafone H500s WiFi Password Disclosure via activation.json — Vodafone H500s | 7.5 | - | 2025-11-14 |
| CVE-2025-13160 | IQ Service International\|IQ-Support - Exposure of Sensitive Information — IQ-Support | 5.3 | Medium | 2025-11-14 |
| CVE-2025-64267 | WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - Sensitive Data Exposure vulnerability — WooCommerce Ultimate Points And Rewards | 4.3 | Medium | 2025-11-13 |
| CVE-2025-27368 | IBM OpenPages Information Disclosure — OpenPages | 4.3 | Medium | 2025-11-12 |
| CVE-2025-12779 | Amazon WorkSpaces security vulnerability — Amazon WorkSpaces | 8.8 | High | 2025-11-05 |
| CVE-2024-13998 | Nagios XI < 2024R1.1.3 API Keys & Hashed Passwords Authenticated Information Disclosure — XI | 8.8 (AI) | High (AI) | 2025-11-03 |
| CVE-2024-13995 | Nagios XI < 2024R1.1.2 API Keys & Hashed Passwords Authenticated Information Disclosure — XI | 8.1 (AI) | High (AI) | 2025-10-30 |
| CVE-2025-34283 | Nagios XI < 2024R1.4.2 API Key Disclosure via Neptune Themes — XI | 6.5 (AI) | Medium (AI) | 2025-10-30 |
| CVE-2024-13999 | Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Information Disclosure — XI | 8.8 (AI) | High (AI) | 2025-10-30 |
| CVE-2025-54459 | Vertikal Systems Hospital Manager Backend Services Exposure of Sensitive System Information to an Unauthorized Control Sphere — Hospital Manager Backend Services | 7.5 | High | 2025-10-29 |
| CVE-2025-64228 | WordPress SUMO Affiliates Pro plugin <= 11.0.0 - Sensitive Data Exposure vulnerability — SUMO Affiliates Pro | 6.5 (AI) | Medium (AI) | 2025-10-29 |
| CVE-2025-43024 | HP ThinPro 8.1 SP8 Security Updates — ThinPro 8.1 | 7.5 (AI) | High (AI) | 2025-10-27 |
| CVE-2025-62902 | WordPress WP Popup Builder plugin <= 1.3.8 - Sensitive Data Exposure vulnerability — WP Popup Builder | 5.3 | Medium | 2025-10-27 |
| CVE-2025-34156 | Tibbo AggreGate Network Manager < 6.40.05 System Information Exposure — AggreGate Network Manager | 5.3 (AI) | Medium (AI) | 2025-10-23 |
| CVE-2025-47699 | Gallagher Command Centre Server security vulnerability — Command Centre Server | 9.9 | Critical | 2025-10-23 |
| CVE-2025-59575 | WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability — MasterStudy LMS | 6.5 (AI) | Medium (AI) | 2025-10-22 |
| CVE-2025-52752 | WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data Exposure vulnerability — IDonatePro | 4.9 (AI) | Medium (AI) | 2025-10-22 |
| CVE-2025-52616 | HCL Unica 12.1.10 is affected by an exposure of sensitive information — Unica | 5.3 | Medium | 2025-10-12 |
| CVE-2025-4614 | PAN-OS: Session Token Disclosure Vulnerability — Cloud NGFW | 4.9 (AI) | Medium (AI) | 2025-10-09 |
| CVE-2025-44823 | Nagios Log Server security vulnerability — Log Server | 9.9 | Critical | 2025-10-07 |
| CVE-2025-58579 | Username Disclosure Through Missing Authentication — Baggage Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-58585 | Sensitive Information Disclosure Through Missing Authentication — Baggage Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-58583 | User Enumeration — Enterprise Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-59447 | YoSmart YoLink Smart Hub security vulnerability — YoLink Smart Hub | 2.2 | Low | 2025-10-06 |
| CVE-2025-60167 | WordPress Page Manager for Elementor Plugin <= 2.0.5 - Sensitive Data Exposure Vulnerability — Page Manager for Elementor | 4.3 | Medium | 2025-09-26 |

Vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) represent 286 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.