CWE-921
9 CVEs classified under CWE-921. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-30016 | Critical | 9.8 | 2025-04-08 | SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authe… |
CVE-2024-9334 | High | 8.2 | 2025-02-27 | Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authenti… |
CVE-2023-41965 | High | 7.5 | 2023-09-18 | Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication proce… |
CVE-2023-2665 | High | 7.5 | 2023-05-12 | Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. |
CVE-2025-24870 | Medium | 6.0 | 2025-02-11 | SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to access information wi… |
CVE-2025-24843 | Medium | 5.1 | 2025-02-28 | Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and… |
CVE-2023-41818 | Medium | 5.0 | 2024-05-03 | An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read… |
CVE-2024-5206 | Medium | 4.7 | 2024-06-06 | A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fi… |
CVE-2021-27456 | Low | 2.4 | 2022-03-23 | Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control. |