CWE-212

Improper Removal of Sensitive Information Before Storage or Transfer

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

115 vulnerabilities with CWE-212
CVE-2020-13179 MEDIUM
Teradici PCoIP <20.04.1 - Info Disclosure
CVSS 5.5
CVE-2020-11740 MEDIUM
Xen 3.2.0-4.13.0 - Unauthenticated Sensitive Information Exposure via Unscrubbed Xenoprof Buffers
CVSS 5.5
CVE-2020-9780 LOW
iPadOS < 13.4 - Unprotected User Data Exposure via App Switcher
CVSS 3.3
CVE-2020-3874 MEDIUM
iPadOS < 13.3.1 - Sensitive Information Exposure via Screenshot Naming
CVSS 5.3
CVE-2020-1940 HIGH
Apache Jackrabbit Oak 1.2.0-1.22.0 - Sensitive Information Disclosure via Password Change Feature
CVSS 7.5
CVE-2019-20637 HIGH
Varnish Cache <6.0.5 LTS, 6.1.x, 6.2.x <6.2.2, 6.3.x <6.3.1 - Info ...
CVSS 7.5
CVE-2019-19362 MEDIUM
TeamViewer 14.3.4730 - Info Disclosure
CVSS 6.5
CVE-2019-13402 HIGH
Dynacolor FCM-MB40 v1.2.0.0 - Info Disclosure
CVSS 8.8
CVE-2019-11243 HIGH
Kubernetes v1.12.0-v1.12.4,v1.13.0 - Info Disclosure
CVSS 8.1
CVE-2018-6337 HIGH
Facebook Folly 2017.12.11.00-2018.08.09.00 and HHVM 3.26-3.26.3 - Weak Randomness via Forked Process Buffer Reuse
CVSS 7.5
CVE-2018-5559 LOW
Rapid7 Komand <0.41.0 - Info Disclosure
CVSS 3.4
CVE-2018-1062 MEDIUM
oVirt 4.1.x <4.1.9 - Info Disclosure
CVSS 5.3
CVE-2017-15113 HIGH
ovirt-engine <4.1.7.6 - Info Disclosure
CVSS 7.2
CVE-2005-0406 MEDIUM
image_processing - Information Exposure via Unmodified EXIF Thumbnail
CVSS 5.5
CVE-2002-0704 HIGH
Netfilter <1.2.6a - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 115
Links
MITRE CWE Entry Search this CWE With Exploits