CWE-213
28 CVEs classified under CWE-213. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6517 | High | 7.5 | 2024-02-08 | Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as Provided by Users. This iss… |
CVE-2023-3441 | Medium | 6.6 | 2024-10-01 | An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implica… |
CVE-2020-1652 | Medium | 5.6 | 2020-07-17 | OpenNMS is accessible via port 9443 |
CVE-2025-24316 | Medium | 5.3 | 2025-02-28 | The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionalit… |
CVE-2024-49354 | Medium | 5.3 | 2025-01-18 | IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls. |
CVE-2023-40570 | Medium | 5.3 | 2023-08-25 | Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1… |
CVE-2023-36919 | Medium | 5.3 | 2023-07-11 | In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not i… |
CVE-2017-3211 | Medium | 5.3 | 2020-01-15 | Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without u… |
CVE-2023-27465 | Medium | 4.6 | 2023-06-13 | A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP… |
CVE-2025-4976 | Medium | 4.3 | 2025-07-24 | An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circum… |
CVE-2025-32791 | Medium | 4.3 | 2025-04-16 | The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend… |
CVE-2024-44121 | Medium | 4.3 | 2024-09-10 | Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would otherwise be restricted… |
CVE-2022-39848 | Medium | 4.0 | 2022-10-07 | Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log. |
CVE-2022-33696 | Medium | 4.0 | 2022-07-11 | Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. |
CVE-2022-33694 | Medium | 4.0 | 2022-07-11 | Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent br… |
CVE-2022-33692 | Medium | 4.0 | 2022-07-11 | Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. |
CVE-2024-49827 | Low | 3.7 | 2025-08-18 | IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering. |
CVE-2023-5117 | Low | 3.7 | 2024-12-25 | An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues… |
CVE-2025-52603 | Low | 3.5 | 2026-02-20 | HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information wh… |
CVE-2022-28794 | Low | 2.2 | 2022-06-07 | Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information. |