Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-922

CWE-922

Insecure Storage of Sensitive Information

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

373 vulnerabilities with CWE-922

CVE-2024-38496 MEDIUM

Broadcom Symantec Privileged Access Management 3.4.6-4.1.7 - Unauthorized Information Disclosure of User Data

CVE-2024-34721 MEDIUM

Android - Unprotected User Data Exposure via MediaProvider ensureFileColumns Input Validation

CVE-2024-38453 HIGH

Avalara for Salesforce <7.0 - Info Disclosure

CVE-2024-5598 HIGH

Advanced File Manager <5.2.4 - Info Disclosure

CVE-2024-39459 MEDIUM

Jenkins Plain Credentials Plugin <182.v468b_97b_9dcb_8 - Info Discl...

CVE-2024-29953 MEDIUM

Brocade Fabric OS <9.2.1-9.1.1d - Info Disclosure

CVE-2024-35526 MEDIUM

Daemon PTY Limited FarCry Core <7.2.14 - Info Disclosure

CVE-2024-6295 LOW

udn News Android APP - Info Disclosure

CVE-2024-37654 MEDIUM

BAS-IP AV and AA Series < 3.9.2 - Unauthenticated Sensitive Information Exposure via HTTP GET Request

CVE-2024-38312 MEDIUM

Firefox for iOS < 127 - Info Disclosure

CVE-2024-23445 MEDIUM

Elasticsearch 8.10.0-8.13.4 - Sensitive Information Exposure via Cross-Cluster API Key Search Restriction Bypass

CVE-2024-3723 MEDIUM

Advanced Contact Form 7 DB <2.0.2 - Info Disclosure

CVE-2024-31404 MEDIUM

Cybozu Garoon <6.0.0 - Info Disclosure

CVE-2024-31400 MEDIUM

Cybozu Garoon <5.15.0 - Info Disclosure

CVE-2024-36788 MEDIUM

Netgear WNR614/JNR1010V2 N300-V1.1.0.54_1.0.1 - Sensitive Info Exposure via Missing HTTPOnly Cookie Flag

CVE-2024-5599 HIGH

FileOrganizer - WordPress File Manager <= 1.0.7 - Sensitive Information Exposure

CVE-2024-5206 MEDIUM

scikit-learn <1.5.0 - Info Disclosure

CVE-2024-35311 LOW

Yubico YubiKey <5.7.0 - Info Disclosure

CVE-2024-33004 MEDIUM

SAP Business Objects - Info Disclosure

CVE-2024-4213 MEDIUM

Shopping Cart & eCommerce Store <5.6.4 - Info Disclosure

CVE-2024-27789 MEDIUM

iPadOS < 16.7.8 - Unprotected User Data Exposure via Logic Issue

CVE-2024-23229 MEDIUM

macOS < 12.7.5, < 13.6.5, < 14.4 - Unprotected User Data Exposure via Find My Data

CVE-2024-28132 MEDIUM

F5 BIG-IP Next 1.2.0-1.2.9 - Authenticated Sensitive Information Exposure

CVE-2024-3717 MEDIUM

Contact Form 7 <1.3.7.7 - Info Disclosure

CVE-2024-32211 MEDIUM

LOGINT LoMag Inventory Management <1.0.20.120 - Info Disclosure

Previous Page 7 of 15 Next

Details

Vulnerabilities 373

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy