CWE-1295
19 CVEs classified under CWE-1295. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-38516 | High | 8.8 | 2024-06-25 | ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This is… |
CVE-2025-31001 | High | 7.5 | 2025-04-01 | Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit gtm-kit allows Retrieve Embedded Sensitive Data.This issue affects GTM Kit… |
CVE-2023-5392 | High | 7.5 | 2024-04-11 | C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updat… |
CVE-2025-2877 | Medium | 6.5 | 2025-03-28 | A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are expose… |
CVE-2023-4215 | Medium | 6.5 | 2023-10-16 | Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. |
CVE-2021-31412 | Medium | 5.3 | 2021-06-24 | Improper sanitization of path in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.14 (Vaadin 10.0.0 through 10.0.18), 1.1.0… |
CVE-2025-46775 | Medium | 5.2 | 2025-11-18 | A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtende… |
CVE-2024-11217 | Medium | 4.9 | 2024-11-15 | A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs… |
CVE-2024-27179 | Medium | 4.7 | 2024-06-14 | Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/ver… |
CVE-2023-28077 | Medium | 4.4 | 2024-02-10 | Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to di… |
CVE-2022-34364 | Medium | 4.4 | 2023-02-10 | Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing s… |
CVE-2021-25476 | Medium | 4.1 | 2021-10-06 | An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. |
CVE-2025-2469 | Low | 3.7 | 2025-04-10 | An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific… |
CVE-2025-35031 | Low | 3.3 | 2025-09-29 | Medical Informatics Engineering Enterprise Health includes the user's current session token in debug output. An attacker could convince a user to send this out… |
CVE-2022-27597 | Low | 2.7 | 2023-03-29 | A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrato… |
CVE-2025-59109 | | 2026-01-26 | The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interf… | |
CVE-2025-42604 | | 2025-04-23 | This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by ac… | |
CVE-2025-20643 | | 2025-02-03 | In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical acces… | |
CVE-2024-45784 | | 2024-11-15 | Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG a… |