Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-922

CWE-922

Insecure Storage of Sensitive Information

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

373 vulnerabilities with CWE-922

CVE-2023-6460 MEDIUM

nodejs-firestore <6.1.0 - Info Disclosure

CVE-2023-6253 MEDIUM

Digital Guardian's Agent <7.9.4 - Info Disclosure

CVE-2023-41723 MEDIUM

Veeam ONE - Insecure Storage of Sensitive Information in Dashboard Schedule

CVE-2023-34056 MEDIUM

VMware vCenter Server - Unauthorized Data Access via Partial Information Disclosure

CVE-2023-43634 HIGH

When sealing/unsealing the "vault" key - Info Disclosure

CVE-2023-43633 HIGH

lfedge/eve <8.6.0 - Unauthenticated Insufficiently Protected Credentials via GlobalConfig Override

CVE-2023-43631 HIGH

LF Edge EVE < 8.6.0 - Unauthenticated Credential Injection via Unprotected Config Partition

CVE-2023-43630 HIGH

Linux Foundation Edge Virtualization Engine 9.0.0-9.4.9 - Credentials Exposure via PCR14 Bypass

CVE-2023-32184 HIGH

opensuse-welcome <0.1.9+git.35.4b9444a - Code Injection

CVE-2023-41965 HIGH

Vulnerable Device - Info Disclosure

CVE-2023-40728 HIGH

QMS Automotive <V12.39 - Code Injection

CVE-2023-37879 MEDIUM

Wing FTP Server <= 7.2.0 - Info Disclosure

CVE-2023-29261 MEDIUM

IBM Sterling Secure Proxy <6.1.0 - Info Disclosure

CVE-2023-37439 MEDIUM

EdgeConnect SD-WAN Orchestrator < 9.1.8 - Authenticated SQL Injection

CVE-2023-28864 MEDIUM

Progress Chef Infra Server <15.7 - Info Disclosure

CVE-2023-37563 MEDIUM

ELECOM wireless LAN routers - Info Disclosure

CVE-2023-23348 MEDIUM

HCL Launch 6.2.0.0-6.2.7.20 - Sensitive Information Exposure via Configuration File

CVE-2023-32415 MEDIUM

iPadOS 16.0-16.4 - Unprotected User Data Exposure via Sensitive Location Information

CVE-2023-26427 LOW

open-xchange_appsuite_backend < 7.10.6 - Unauthenticated Sensitive Information Exposure via Insecure File Permissions

CVE-2023-29757 HIGH

Blue Light Filter <1.5.5 - Privilege Escalation

CVE-2023-29755 HIGH

Twilight <13.3 - Privilege Escalation

CVE-2023-3064 HIGH

Mobatime AMXGT100 <1.3.20 - Info Disclosure

CVE-2023-29727 CRITICAL

Call Blocker app 6.6.3 - Privilege Escalation

CVE-2023-2665 HIGH

GitHub francoisjacquet/rosariosis <11.0 - Info Disclosure

CVE-2023-31150 HIGH

SEL RTAC Module Firmware < r150-v2 - Authenticated Password Retrieval via Recoverable Format

Previous Page 10 of 15 Next

Details

Vulnerabilities 373

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy