Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2025-4235 HIGH

Palo Alto Networks User-ID Credential Agent - Info Disclosure

CVE-2025-10264 CRITICAL

Digiever Multiple Models < *.*.*.78 - Unauthenticated Sensitive Information Exposure

CVE-2025-6769 MEDIUM

GitLab CE/EE <18.1.6-18.3.2 - Info Disclosure

CVE-2025-9364 HIGH

FactoryTalk Analytics LogixAI - Exposure of Sensitive System Information via Over-Permissive Redis Instance

CVE-2025-58866 LOW

Rami Yushuvaev Site Info <1.1 - Info Disclosure

CVE-2025-58797 MEDIUM

Ninja Charts <3.3.2 - Info Disclosure

CVE-2025-2667 LOW

IBM Sterling B2B Integrator <6.2.0.5 - Info Disclosure

CVE-2025-36162 MEDIUM

IBM DevOps Deploy/UCD <8.1.2.2 - Info Disclosure

CVE-2025-8700 MEDIUM

Invoice Ninja - Privilege Escalation

CVE-2025-8597 MEDIUM

MacVim < r181.2 - Unauthorized Debugger Attachment and Memory Access via get-task-allow Entitlement

CVE-2025-57888 MEDIUM

NooTheme Jobmonster <4.8.0 - Info Disclosure

CVE-2025-27721 HIGH

INFINITT PACS System Manager - Info Disclosure

CVE-2025-48355 MEDIUM

ProveSource Social Proof <3.0.5 - Info Disclosure

CVE-2025-2988 LOW

IBM Sterling B2B Integrator & File Gateway <6.2.1 - Info Disclosure

CVE-2025-54736 MEDIUM

NordicMade Savoy <3.0.8 - Info Disclosure

CVE-2025-23288 LOW

NVIDIA GPU Display Driver - Info Disclosure

CVE-2025-23287 LOW

NVIDIA GPU Display Driver - Info Disclosure

CVE-2025-54422 MEDIUM

Sandboxie < 1.16.2 - Insufficiently Protected Credentials via Shared Memory and Command-Line Arguments

CVE-2025-53031 MEDIUM

Oracle Financial Services Analytical Applications Infrastructure <8...

CVE-2025-53862 LOW

Ansible Automation Platform - Unauthenticated Exposure of Sensitive System Information via API Endpoints

CVE-2025-6390 MEDIUM

Brocade SANnav <2.4.0a - Info Disclosure

CVE-2025-4662 MEDIUM

Brocade SANnav <2.4.0a - Info Disclosure

CVE-2025-53364 MEDIUM

Parse Server <7.5.3-8.2.2 - Info Disclosure

CVE-2025-7381 MEDIUM

Docker Mautic <=6.0.3/5.2.7 PHP Version Exposure via X-Powered-By Header

CVE-2025-2670 MEDIUM

IBM OpenPages 9.0 - Info Disclosure

Previous Page 7 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy