Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-497 (将系统数据暴露到未授权控制的范围) — Vulnerability Class 286

286 vulnerabilities classified as CWE-497 (将系统数据暴露到未授权控制的范围). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-32792 ses's global contour bindings leak into Compartment lexical scope — endo 7.5 -2025-04-18
CVE-2025-39439 WordPress wpLike2Get plugin <= 1.2.9 - Sensitive Data Exposure vulnerability — wpLike2Get 5.3 Medium2025-04-17
CVE-2025-39556 WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability — Mediavine Control Panel 5.3 Medium2025-04-16
CVE-2025-39589 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Sensitive Data Exposure Vulnerability — Essential Addons for Elementor 4.3 Medium2025-04-16
CVE-2025-26730 WordPress Macro Calculator with Admin Email Optin & Data plugin <= 1.0 - Multiple Vulnerabilities vulnerability — Macro Calculator with Admin Email Optin & Data 7.5 High2025-04-15
CVE-2022-43852 IBM Aspera Console information disclosure — Aspera Console 5.3 Medium2025-04-14
CVE-2025-32228 WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.9 - Sensitive Data Exposure vulnerability — Ai Image Alt Text Generator for WP 4.3 Medium2025-04-10
CVE-2025-31003 WordPress Squeeze plugin <= 1.6 - Full Path Disclosure (FPD) vulnerability — Squeeze 2.7 Low2025-04-09
CVE-2025-27934 Inaba Denki Sangyo Wi-Fi AP UNIT 安全漏洞 — AC-WPS-11ac 7.5 High2025-04-09
CVE-2025-32164 WordPress m1.DownloadList plugin <= 0.24 - Sensitive Data Exposure vulnerability — m1.DownloadList 6.5 Medium2025-04-08
CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys — element-web 3.8 Low2025-04-08
CVE-2024-45549 Exposure of Sensitive System Information to an Unauthorized Control Sphere in KERNEL — Snapdragon 7.7 High2025-04-07
CVE-2025-32255 WordPress StaffList plugin <= 3.2.7 - Sensitive Data Exposure vulnerability — StaffList 5.3 Medium2025-04-04
CVE-2025-32251 WordPress Jetpack Feedback Exporter plugin <= 1.23 - Sensitive Data Exposure Vulnerability — Jetpack Feedback Exporter 5.3 Medium2025-04-04
CVE-2025-0278 An internal path disclosure vulnerability affects HCL Traveler — HCL Traveler 4.3 Medium2025-04-03
CVE-2025-31832 WordPress ACF City Selector plugin <= 1.17.0 - Sensitive Data Exposure vulnerability — ACF City Selector 5.3 Medium2025-04-01
CVE-2025-30802 WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability — Our Team Members 4.3 Medium2025-04-01
CVE-2025-27149 Zulip exports can leak private data — zulip 6.5 -2025-03-31
CVE-2024-8313 Default or Guessable SNMP community names in B&R APROL — APROL 8.8AIHighAI2025-03-25
CVE-2025-2598 AWS CDK CLI prints AWS credentials retrieved by custom credential plugins — Cloud Development Kit Command Line Interface 5.5 Medium2025-03-21
CVE-2024-10940 Exposure of Sensitive System Information via ImagePromptTemplate in langchain-ai/langchain — langchain-ai/langchain 7.5 -2025-03-20
CVE-2025-23382 Dell Secure Connect Gateway 安全漏洞 — Secure Connect Gateway (SCG) 5.0 Appliance - SRS 5.5 Medium2025-03-19
CVE-2024-52905 IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator Standard Edition 2.7 Low2025-03-10
CVE-2025-26911 WordPress System Dashboard plugin <= 2.8.18 - Sensitive Data Exposure vulnerability — System Dashboard 4.3 Medium2025-02-25
CVE-2025-26758 WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability — Spotlight Social Media Feeds 5.3 Medium2025-02-17
CVE-2025-1212 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLab 4.3 Medium2025-02-12
CVE-2025-1144 Quanxun School Affairs System - Exposure of Sensitive Information — School Affairs System 9.8 Critical2025-02-11
CVE-2024-8550 Local File Inclusion (LFI) in modelscope/agentscope — modelscope/agentscope 7.5 -2025-02-10
CVE-2024-37526 IBM Watson Query on Cloud Pak for Data information disclosure — Data Virtualization 6.5 Medium2025-01-27
CVE-2024-40706 IBM InfoSphere Information Server information disclosure — InfoSphere Information Server 5.3 Medium2025-01-24

Vulnerabilities classified as CWE-497 (将系统数据暴露到未授权控制的范围) represent 286 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.