Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2025-1212 MEDIUM

GitLab CE/EE <17.6.5-17.8.2 - Info Disclosure

CVE-2025-1144 CRITICAL

School Affairs System - Info Disclosure

CVE-2025-22222 HIGH

VMware Aria Operations - Info Disclosure

CVE-2025-0061 HIGH

SAP BusinessObjects - Info Disclosure

CVE-2025-0059 MEDIUM

SAP NetWeaver Application Server ABAP - Exposure of Sensitive System Information via Local Browser Storage

CVE-2025-0056 MEDIUM

SAP GUI for Java >= BC-FES-JAV 7.80 < BC-FES-JAV 7.80 - Exposure of Sensitive System Information

CVE-2025-0055 MEDIUM

SAP GUI for Windows - Info Disclosure

CVE-2024-58320 MEDIUM

Kentico Xperience < 13.0.159 - Unauthenticated Sensitive Information Exposure via Public Endpoint

CVE-2024-13998 MEDIUM

Nagios XI <2024R1.1.3 - Info Disclosure

CVE-2024-13999 CRITICAL

Nagios XI <2024R1.1.3 - Info Disclosure

CVE-2024-13995 HIGH

Nagios XI <2024R1.1.2 - Info Disclosure

CVE-2024-12367 HIGH

Vegagrup Software Vega Master <20250916 - Info Disclosure

CVE-2024-51770 HIGH

HPE AutoPass License Server <9.17 - Info Disclosure

CVE-2024-45549 HIGH

Qualcomm Snapdragon and SM Series Firmware - Information Disclosure in MQ Channel Creation

CVE-2024-8313 HIGH

B&R APROL <4.4-00P5 - Info Disclosure

CVE-2024-10940 MEDIUM

Langchain-core <0.1.53,<0.2.43,<0.3.15 - Info Disclosure

CVE-2024-52905 LOW

IBM Sterling B2B Integrator <6.1.2.6, <6.2.0.3 - Info Disclosure

CVE-2024-11035 LOW

Carbon Black Cloud Windows Sensor <4.0.3 - Info Disclosure

CVE-2024-8550 HIGH

modelscope/agentscope v0.0.4 - Local File Inclusion via /load-workflow Endpoint Filename Parameter

CVE-2024-36554 CRITICAL

Forever KidsWatch - Info Disclosure

CVE-2024-37526 MEDIUM

IBM Watson Query on Cloud Pak for Data 1.8-3.0.0 Sensitive Information Exposure

CVE-2024-40706 MEDIUM

IBM InfoSphere Information Server 11.7 - Info Disclosure

CVE-2024-53683 MEDIUM

Ossur Mobile Logic Application < 1.5.5 - Exposure of Sensitive Credentials in JavaScript File

CVE-2024-11029 MEDIUM

Red Hat Enterprise Linux 9 - Exposure of Sensitive System Information via FreeIPA API Audit

CVE-2024-45640 MEDIUM

IBM Security ReaQta <3.12 - Info Disclosure

Previous Page 10 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy