Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2025-3506 MEDIUM

Checkmk 2.1.0-2.3.0 and < 2.4.0b6 - Unauthenticated Exposure of Sensitive System Information

CVE-2025-47540 MEDIUM

weDevs weMail <= 1.14.13 - Exposure of Sensitive System Information

CVE-2025-3606 HIGH

Vestel AC Charger 3.75.0 - Info Disclosure

CVE-2025-46421 MEDIUM

Red Hat Enterprise Linux - Unauthorized Authorization Header Exposure via HTTP Redirect

CVE-2025-32792 HIGH

ses < 1.12.0 - Exposure of Sensitive System Information via Compartment API

CVE-2025-39439 MEDIUM

wpLike2Get <1.2.9 - Info Disclosure

CVE-2025-39589 MEDIUM

WPDeveloper Essential Addons for Elementor <6.1.9 - Info Disclosure

CVE-2025-39556 MEDIUM

Mediavine Control Panel <2.10.6 - Info Disclosure

CVE-2025-26730 HIGH

NotFound Macro Calculator - Info Disclosure

CVE-2025-30686 HIGH

Oracle Hospitality Simphony 19.1-19.7 - Unauthorized Data Access and Partial Denial of Service via EMC Component

CVE-2025-32228 MEDIUM

WP Messiah Ai Image Alt Text Generator <1.0.8 - Info Disclosure

CVE-2025-31003 LOW

Bogdan Bendziukov Squeeze - Info Disclosure

CVE-2025-27934 HIGH

Wi-Fi AP UNIT AC-WPS-11ac - Info Disclosure

CVE-2025-32164 MEDIUM

maennchen1.de m1.DownloadList - Info Disclosure

CVE-2025-32026 LOW

Element Web <1.11.96 - Info Disclosure

CVE-2025-32255 MEDIUM

ERA404 StaffList <3.2.6 - Info Disclosure

CVE-2025-32251 MEDIUM

J. Tyler Wiest Jetpack Feedback Exporter <1.23 - Info Disclosure

CVE-2025-0278 MEDIUM

HCL Traveler < 14.0.0.1 - Internal Path Disclosure in Windows Application

CVE-2025-31832 MEDIUM

Beee ACF City Selector <1.16.0 - Info Disclosure

CVE-2025-30802 MEDIUM

WPBean Our Team Members <= 2.2 - Sensitive System Information Exposure

CVE-2025-27149 LOW

zulip_server < 10.0 - Unauthorized Sensitive Data Exposure via Data Export Feature

CVE-2025-2598 MEDIUM

AWS Cloud Development Kit 2.172.0-2.178.2 - Exposure of Sensitive System Information via Credential Plugin

CVE-2025-23382 MEDIUM

Dell Secure Connect Gateway (SCG) 5.0 Appliance - Info Disclosure

CVE-2025-26911 MEDIUM

Bowo System Dashboard <2.8.18 - Info Disclosure

CVE-2025-26758 MEDIUM

RebelCode Spotlight Social Media Feeds <1.7.1 - Info Disclosure

Previous Page 9 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy