Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-922

CWE-922

Insecure Storage of Sensitive Information

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

373 vulnerabilities with CWE-922

CVE-2025-43203 MEDIUM

iPadOS < 18.7 - Unprotected User Data Exposure via Cache Handling

CVE-2025-8699 CRITICAL

KioSoft Stored Value - Info Disclosure

CVE-2025-54083 MEDIUM

Calix GigaCenter ONT - Info Disclosure

CVE-2025-21041 MEDIUM

Samsung Android < 16.0 - Insecure Storage of Sensitive Information in Secure Folder

CVE-2025-53507 MEDIUM

iND Co.,Ltd HL330-DLS, HL320-DLS, LM-100, LM-200 - Insecure Storage of Sensitive Information

CVE-2025-25732 MEDIUM

Kapsch TrafficCom RIS-9160 & RIS-9260 <4.6.0.1211.28 - Privilege Es...

CVE-2025-46660 MEDIUM

4C Strategies Exonaut <21.6 - Info Disclosure

CVE-2025-37110 MEDIUM

HPE Telco Network Function Virtual Orchestrator 7.0.0-7.2.9 - Insecure Storage of Sensitive Credential Information

CVE-2025-28171 MEDIUM

Grandstream UCM6510 <1.0.20.52 - Info Disclosure

CVE-2025-28244 HIGH

Alteryx Server <2023.1.1.460 - Info Disclosure

CVE-2025-21003 MEDIUM

Emergency SOS <SMR Jul-2025 Release 1 - Info Disclosure

CVE-2025-42979 MEDIUM

SAP GUI for Windows - Insecure Storage of Sensitive Information in GuiXT Credential Registry

CVE-2025-37100 HIGH

HPE Aruba Networking Private 5G Core - Info Disclosure

CVE-2025-48929 MEDIUM

TeleMessage < 2025-05-05 - Insufficient Session Expiration

CVE-2025-45242 HIGH

rhymix v2.1.22 - Arbitrary File Deletion via procFileAdminEditImage Method

CVE-2025-46627 HIGH

Tenda RX2 Pro 16.03.30.14 - Auth Bypass

CVE-2025-2440 MEDIUM

Schneider Electric Trio Q Licensed Data Radio < 2.7.2 - Insecure Storage of Sensitive Information

CVE-2025-29809 HIGH

Windows 10/11, Server 2016-2019 Kerberos Sensitive Information Disclosure

CVE-2025-20945 MEDIUM

Galaxy Watch <SMR Apr-2025 Release 1 - Info Disclosure

CVE-2025-2489 MEDIUM

NTFS Tools <3.5.1 - Info Disclosure

CVE-2025-2241 HIGH

OpenShift Hive - Unauthorized VCenter Credential Exposure in ClusterProvision Object

CVE-2025-2157 LOW

Foreman/Red Hat Satellite - Info Disclosure

CVE-2025-20912 MEDIUM

DiagMonAgent <SMR Mar-2025 Release 1 - Info Disclosure

CVE-2025-21098 MEDIUM

OpenHarmony 4.1.0-5.0.2 - Out-of-bounds Read Bypass Permission Check

CVE-2025-22492 MEDIUM

Foreseer Reporting Software <1.5.100 - Info Disclosure

Previous Page 2 of 15 Next

Details

Vulnerabilities 373

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy