Fallos del tipo CWE-922
278 resultadosCVE-2023-32191CRITICALrke's credentials are stored in the RKE1 Cluster state ConfigMapEPSS 0.6%CVE-2024-44175HIGHThis issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be aEPSS 0.6%CVE-2023-45182HIGHIBM i Access Client Solutions information disclosureEPSS 0.6%CVE-2024-27789MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 1EPSS 0.6%CVE-2022-1257MEDIUMImproper Verification of Cryptographic Signature by McAfee AgentEPSS 0.6%CVE-2022-32833MEDIUMAn issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue EPSS 0.6%CVE-2022-1021HIGHInsecure Storage of Sensitive Information in chatwoot/chatwootEPSS 0.6%CVE-2024-57436HIGHRuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allEPSS 0.6%CVE-2022-20939MEDIUMCisco Smart Software Manager On-Prem Privilege Escalation VulnerabilityEPSS 0.6%CVE-2024-28069HIGHA vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to EPSS 0.6%CVE-2022-2815MEDIUMInsecure Storage of Sensitive Information in publify/publifyEPSS 0.6%CVE-2024-5598HIGHAdvanced File Manager <= 5.2.4 - Sensitive Information Exposure via Directory ListingEPSS 0.6%CVE-2024-57546HIGHAn issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.EPSS 0.6%CVE-2022-41320MEDIUMVeritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the baEPSS 0.5%CVE-2023-42913HIGHThis issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to oEPSS 0.5%CVE-2024-5599HIGHFileOrganizer <= 1.0.7 - Sensitive Information Exposure via Directory ListingEPSS 0.5%CVE-2023-22687LOWWordPress Freesoul Deactivate Plugins – Plugin manager and cleanup Plugin <= 1.9.4.0 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2024-48770HIGHAn issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update pEPSS 0.5%CVE-2024-22808HIGHAn issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the comEPSS 0.5%CVE-2024-25940MEDIUMbhyveload(8) host file accessEPSS 0.5%