CWE-612
11 CVEs classified under CWE-612. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-25635 | High | 8.8 | 2024-02-19 | alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, organization owners can view the generated API KEY and USERS of other organiz… |
CVE-2019-25605 | High | 7.5 | 2026-03-22 | EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via… |
CVE-2022-35980 | High | 7.5 | 2022-08-12 | OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin ar… |
CVE-2025-3653 | High | 7.3 | 2026-01-03 | Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnerability that allows unauthorized device manipulation by acce… |
CVE-2025-3660 | Medium | 6.5 | 2026-01-03 | Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerability that allows authenticated users to access other users'… |
CVE-2024-49071 | Medium | 6.5 | 2024-12-12 | Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose… |
CVE-2023-4560 | Medium | 6.5 | 2023-08-28 | Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4. |
CVE-2022-41918 | Medium | 6.3 | 2022-11-15 | OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules… |
CVE-2025-3654 | Medium | 5.3 | 2026-01-03 | Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware in… |
CVE-2025-57756 | Medium | 5.3 | 2025-08-28 | Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragmen… |
CVE-2022-22565 | Medium | 4.7 | 2022-04-12 | Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user… |