CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) — Vulnerability Class 286

286 vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-49252 | WordPress leyka plugin <=3.31.6 - Broken Access Control vulnerability — Leyka | 5.3 | Medium | 2024-10-16 |
| CVE-2024-9470 | Cortex XSOAR: Information Disclosure Vulnerability — Cortex XSOAR | 4.3 (AI) | Medium (AI) | 2024-10-09 |
| CVE-2024-6389 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLab | 4.3 | Medium | 2024-09-12 |
| CVE-2024-8687 | PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes — PAN-OS | 9.8 (AI) | Critical (AI) | 2024-09-11 |
| CVE-2023-42010 | IBM Sterling B2B Integrator Standard Edition information disclosure — Sterling B2B Integrator Standard Edition | 3.1 | Low | 2024-07-17 |
| CVE-2024-39740 | IBM Datacap Navigator information disclosure — Datacap Navigator | 4.3 | Medium | 2024-07-15 |
| CVE-2024-39675 | Siemens multiple products security vulnerability — RUGGEDCOM RMC30 | 8.8 | High | 2024-07-09 |
| CVE-2024-31223 | Fides Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL — fides | 5.3 | Medium | 2024-07-03 |
| CVE-2024-5735 | Full Path Disclosure in AdmirorFrames Joomla! Extension — AdmirorFrames | 5.3 (AI) | Medium (AI) | 2024-06-28 |
| CVE-2024-6388 | Canonical Ubuntu Advantage Desktop Daemon security vulnerability — Ubuntu Advantage Desktop Pro | 5.9 | Medium | 2024-06-27 |
| CVE-2022-4968 | Netplan security vulnerability — Netplan | 6.5 | Medium | 2024-06-07 |
| CVE-2024-4008 | FDSK Leak in KNX Secure Devices — 2.4! Display 55, SD/U12.55.11-825 | 9.6 | Critical | 2024-06-05 |
| CVE-2023-50180 | Fortinet FortiADC security vulnerability — FortiADC | 5.2 | Medium | 2024-05-14 |
| CVE-2024-1809 | Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization — Analytify – Google Analytics Dashboard For WordPress (GA4 analytics tracking) | 5.4 | Medium | 2024-05-02 |
| CVE-2024-31887 | IBM Security Verify Privilege information disclosure — Security Verify Privilege | 7.5 | High | 2024-04-16 |
| CVE-2023-4605 | Lenovo XClarity Administrator security vulnerability — XClarity Administrator | 6.5 | Medium | 2024-04-05 |
| CVE-2024-31419 | Cnv: information disclosure through the usage of vm-dump-metrics | 4.3 | Medium | 2024-04-03 |
| CVE-2023-50959 | IBM Cloud Pak for Business Automation information disclosure — Cloud Pak for Business Automation | 5.3 | Medium | 2024-03-31 |
| CVE-2024-25634 | IDOR make user can read e-mail log sent by other events — alf.io | 7.2 | High | 2024-02-19 |
| CVE-2023-5081 | Lenovo Tab M8 HD information disclosure vulnerability — Tablet | 3.3 | Low | 2024-01-19 |
| CVE-2024-22125 | Information Disclosure vulnerability in Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) — Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) | 7.4 | High | 2024-01-09 |
| CVE-2024-22124 | Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager — SAP NetWeaver (Internet Communication Manager) | 4.1 | Medium | 2024-01-09 |
| CVE-2023-41366 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP and ABAP Platform | 5.3 | Medium | 2023-11-14 |
| CVE-2023-34209 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in EasyUse MailHunter Ultimate — MailHunter Ultimate | 5.0 | Medium | 2023-10-17 |
| CVE-2023-4237 | Platform: ec2_key module prints out the private key directly to the standard output — Red Hat Ansible Automation Platform 2.4 for RHEL 8 | 7.3 | High | 2023-10-04 |
| CVE-2023-20111 | Cisco Identity Services Engine security vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2023-08-16 |
| CVE-2023-37487 | Security misconfiguration vulnerability in SAP Business One (Service Layer) — SAP Business One (Service Layer) | 5.3 | Medium | 2023-08-08 |
| CVE-2023-0342 | MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive — MongoDB Ops Manager | 3.1 | Low | 2023-06-09 |
| CVE-2023-2541 | Sensitive information disclosure in KNIME Hub Web Application — KNIME Business Hub | 5.3 | Medium | 2023-06-07 |
| CVE-2023-32550 | Landscape's Apache server-status is accessible by default — Landscape | 9.3 | Critical | 2023-06-06 |

Vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) account for 286 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.