CWE-219

Total CVEs
6
Vulnerabilities
Avg CVSS v3
6.5
Medium
Avg CVSS v2
5.0
Medium
Latest CVE
2024
Most Recent

Severity Distribution

Critical 0
0%
High 3
50%
Medium 3
50%
Low 0
0%

External References

MITRE CWE
Official CWE definition
NIST NVD
Search CVEs by CWE

All CVEs (6)

Page 1 of 1

CVE-2022-21236

HIGH
CVSS:8.1(High)

An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive ...

CWE-2192022

CVE-2024-39776

HIGH
CVSS:7.5(High)

Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.

CWE-2192024

CVE-2022-36306

MEDIUM
CVSS:6.5(Medium)

An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. These vu...

CWE-2192022

CVE-2023-39467

MEDIUM
CVSS:5.3(Medium)

Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trian...

CWE-2192023

CVE-2002-2024

MEDIUM
CVSS:5.3(Medium)

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_...

CWE-2192002

CVE-2024-56159

HIGH

Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as...

CWE-2192024